What is business email compromise?
Business email compromise (BEC) is a form of targeted phishing, or spear phishing. Criminals target organisations and try to scam them out of money or goods. They also target employees and try and trick them into revealing important business information.  
Criminals use emails to pretend to be business representatives. They also use the compromised email accounts of employees.
Maybe a friend, colleague, or service provider has received a suspicious email from ‘you’, but you didn’t send it. The email may request payment for an invoice or ask to change bank account details.
Alternatively, maybe you noticed you are receiving unusual emails in your own email account. They may be about suspicious login activity or unexpected password resets. You might have also noticed emails have been deleted or moved to different folders.
These could be indicators of BEC.
Learn more and get help
Protecting Against Business Email Compromise
Business email compromise is when criminals use email to abuse trust in business processes to scam organisations out of money or goods.
Report and recover from business email compromise
Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.
Preventing business email compromise
There are many easy steps and actions you can take now to protect your business. Learn about the simple, cost-effective and immediately beneficial protective measures you can implement.
