Business Email Compromise

Always follow your organisation's official security guidelines when reporting suspicious emails.

 

What is a Business Email Compromise (BEC)?

A business email compromise (BEC) refers to an attack where a business email account has been compromised by an attacker and used to phish or scam other users inside the same organisation.

If you suspect a business email compromise, please contact your security team immediately. If an email account has been compromised, verifying the sender's identity by sending an email or an instant message (skype, slack) is not a safe option. Always seek for a face to face or over the phone confirmation.

 

Elements of a Business Email Compromise:

  • Multiple emails to a wide audience from the same sender
  • A person in your organisation sends an unusual email
  • You are being asked to do something (e.g. click a link, send money, other instructions) urgently

 

Always follow your organisation's official security guidelines when reporting suspicious emails.

Was this article helpful?

41 out of 42 found this helpful

Have more questions? Submit a request