Business Email Compromise (BEC) is an online scam where a cybercriminal impersonates another business representative to trick an employee, customer or vendor into transferring money or sensitive information to the scammer.
Because these scams don't often use malicious links or attachments, they can get past anti-virus programs and spam filters. These emails can include invoices or fines that may include threats to cancel your service or charge an excessive penalty if you don't pay immediately.
This type of attack, due to the low implementation cost and high returns, is quickly becoming one of the fastest growing online business scams.
In Australia business email compromise has resulted in more than $20 million in associated losses across 2016-17.
Criminals are constantly developing increasingly sophisticated BEC techniques that often include a combination of social engineering, email phishing, email spoofing and malware.