Determine And Investigate Service Email Compromise (bec) Scams 〈500+ Limited〉
: A sudden request to change payment instructions or bank account details for a known vendor is a major indicator.
Detecting a BEC attempt requires looking for psychological and technical anomalies: : A sudden request to change payment instructions
: Attackers use "lookalike" domains (e.g., company-inc.com instead of companyinc.com ) or spoofed display names to appear legitimate. : Requests that deviate from standard business procedures,
: Scams often use high-pressure language (e.g., "urgent," "strictly confidential") to force quick action without verification. Determining a BEC Scam (Red Flags)
: Requests that deviate from standard business procedures, such as a CEO asking an assistant to buy gift cards, are common lures. Investigating a Suspected Incident
Business Email Compromise (BEC) is a sophisticated social engineering scam where attackers impersonate a trusted source—such as a CEO, vendor, or attorney—to trick employees into transferring money or sensitive data. Because these emails typically contain only text and avoid malicious links or attachments, they often bypass standard security filters. Determining a BEC Scam (Red Flags)
buried in a bookshelf
You must be logged in to post a comment.