Business Email Compromise
Business Email Compromise (BEC) attacks frequently impersonate a high-level executive in an attempt to coerce an employee to transfer funds or confidential information. These attacks prey heavily on social engineering and rarely contain malicious attachments or links, resulting in frequent delivery into employee inboxes.
The Anatomy Of The Attack
The framework that attackers use when launching email attacks starts with the Pretext. Attackers will impersonate a Brand, Internal Employee or a trusted External Partner/Vendor. In the case of an Executive Impersonation, the attackers will impersonate the sender using a variety of methods. The delivery may contain an attachment or a link, but many successful attacks will by pass detection methods by only leveraging simple requests in the email body.