Business Email Compromise (BEC)

A tried and tested form of attack with a new look

According to the latest FBI figures, email fraud has risen in recent months. In fact, the total damage caused to businesses by cybercriminals in the past five years has been more than $5.3 billion. This represents an increase of more than 2.3 percent. (Source: FBI Statement of 05.04.2017 on Business Email Compromise)


Germany’s BKA warns about cybercriminals causing damages in the hundreds of millions. In 2016 alone, the official figures cite around 83,000 such incidents (source: Cybercrime Bundeslagebild 2016). However, the true figure is likely to be much higher. Worse still is the fear that an incident of this type can lead companies to have an impact on the outside world.

CEO Fraud is a variant of Business Email Compromise

Infographic about business email compromise

Business Email Compromise (BEC) is characterized according to its different forms. In addition to compromising an employee’s email account, methods such as spear phishing or CEO fraud are also used, the latter being preferred by criminals for gaining access to confidential company information or money. Companies are often taken for six-, seven- or even eight- digit sums. This happened in 2016 at a well-known Nuremberg-based auto parts supplier, and the damage was about 40 million euros. (Source: Heise article from 08.16.2016)


The approach of the BEC authors is almost always the same, with the difference that not only are seemingly credible emails used, but ever more malware is added to the attacks.

Business Email Compromise often consists of an additional ransomware attack. As already mentioned, the perpetrators mainly focus on financial goals. Depending on the attack pattern, the amount of money captured varies.

Perpetrators intelligently design their actions. In order to find out whether a company can be blackmailed or what the liquidity situation of the target company is, the ransom money is first blackmailed through a ransomware attack. If this attack turns out to be useful to the perpetrators, an additional spearfishing attack may follow.

Cyberthreat Report

Download Cyberthreat Report 2020

How well protected are you against cyber attacks? Read the latest Hornetsecurity report on cyber threats.

Business Email Compromise – It’s Not Just A Matter Company Size

Using Business Email Compromise (BEC), authors are not limited solely to attacking large companies because employees are often the target of attack. According to IT industry association Bitkom, 60% of Internet users are not aware of what polymorphic viruses are and that makes them a highly attractive target. (Source: Bitkom press release dated 05.12.2017)


And while 41% of Internet users who have been exposed to ransomware know the dangers of such an attack, they do not want to take active security measures. This shows that some knowledge is there, but its effect is minimized. After all, most people believe that it always affects others and that their own companies are unlikely to be the target of cybercriminals.


In reality, this assumption doesn’t take into account the number of unreported cases. Such information is rarely communicated to the public by the affected companies.


Furthermore, the perpetrators are no longer the technically clever individuals who wants to earn a few extra bucks. Rather, it turns out this new breed of professional attackers choose cybercrime primarily because they consider it extremely lucrative. This applies in particular to Business Email Compromise (BEC).

¿What counts? Speed!

There are protection mechanisms that defend companies from a case as serious as this one. However, a firewall or an antivirus program is not one of them. Special forms of attack require specific defense mechanisms, which in such cases must take effect particularly quickly.

Especially those companies that are not very familiar with the implementation of security mechanisms of this type should consider the use of Managed Security Services. Outsourcing IT security is the magic word – because this is the only way to reduce the imbalance between the expertise of cybercriminals and the businesses they prey upon.

Automated cloud-based processes and innovative technology that reliably protects businesses against complex cyber attacks – a solution offered by Hornetsecurity. With Advanced Threat Protection (ATP), we are able to sustainably contain Business Email Compromise (BEC). In this way, we protect our clients not only against CEO fraud, but also against ransomware attacks and phishing attacks.

Protect with Advanced Threat Protection!

Visit our knowledge base

Did you like our contribution from the knowledge base on Business Email Compromise? Then you can access the overview page of our knowledge database here. There you can learn more about topics like Trojans, Malware, Crypto Mining, IT Security, DDoS attacks, Cryptolocker Virus, Computer Worm, Brute Force Attacks, GoBD, Cyber Kill Chain and Emotet.