Download PDF version Contact company

Business Email Compromise (BEC) is the most significant cybersecurity threat to enterprise organisations, with $1.8 billion in reported losses in 2020 alone. This type of email attack occurs when a cybercriminal uses social engineering to impersonate a trusted contact—typically an executive, coworker, vendor, or partner—to steal money or valuable information.

Because these emails rarely contain malicious links or attachments, they are difficult to detect by standard email security protocols, leaving organisations wide open to attack. New research from the FBI IC3 Internet Crime Report shows that BEC attacks account for 44% of all losses due to cybercrime, making it the most dangerous threat for the sixth consecutive year.

The rising cost of business email compromise

Secure email gateways and other traditional security measures are unable to protect against this novel, never-before-seen attacks. Once they arrive in inboxes, the employees open and respond to them, putting the organisation at risk for financial and reputational damage.

IC3 Internet Crime Report shows that there were 19,369 victims of business email compromise attacks in 2020

Without a new approach, BEC will only continue to grow, and organisations worldwide will continue to suffer the consequences. The IC3 Internet Crime Report shows that there were 19,369 victims of business email compromise attacks in 2020, costing organisations an average of $96,000 per attack.

Making matters worse is the fact that this number only includes successful attacks where victims are conned into sending money—it shows nothing about the number of attempts and near-misses.

Employees respond to BEC at alarming rates

Unfortunately, the impact of business email compromise attacks is much higher than what the FBI report shows. The new research shows that an average organisation receives more than 50 BEC attacks per month. Making matters worse, we found that 20% of employees engage with their attacker by responding to at least one email.

Even if employees are trained on how to detect an attack and respond appropriately, cybercriminals are constantly revising their schemes, attempting to stay ahead of changes in technology and training, and oftentimes doing so successfully.

Putting a stop to BEC

Business email compromise attacks are so successful because they do not contain traditional indicators of compromise—there are no suspicious links or malicious attachments to examine, and they often come from legitimate domains like Gmail or Yahoo.

In other cases, they come from newly registered domains that have no negative reputations and may use lookalike tactics to fool people into thinking they are the real domain. As a result, there is little that secure email gateways can do to block these attacks. To do so, companies need a new type of email security, one that understands the good human behaviour to identify and block the bad.

Abnormal Security uses a unique behaviour data science approach to profile and baseline good behaviour. With a combination of identity modelling, behavioural and relationship graphics, and deep content analysis, it can stop emails that include suspicious information or requests even without traditional indicators of compromise.

Download PDF version Download PDF version

In case you missed it

Global regulations of AI: the role and impact on the physical security industry
Global regulations of AI: the role and impact on the physical security industry

The artificial intelligence revolution in physical security has arrived, transforming how we protect people, assets, and infrastructure. From smart buildings that automatically ad...

How does security innovation impact the skillsets operators need?
How does security innovation impact the skillsets operators need?

Technology automates tasks, streamlines processes, and improves efficiency in various fields, including physical security. But the success of today’s latest technologies depe...

How can manufacturers and integrators mitigate the risks of port forwarding?
How can manufacturers and integrators mitigate the risks of port forwarding?

Port forwarding is a networking technique that allows incoming traffic on a specific port number to be redirected to a particular device or application on a local network. Open por...

Quick poll
What's the primary benefit of integrating access control with video surveillance?