Content written for

Small & medium business

What is business email compromise?

Business email compromise (BEC) is a form of targeted phishing, or spear phishing. Criminals target organisations and try to scam them out of money or goods. They also target employees and try and trick them into revealing important business information. 

Criminals use emails to pretend to be business representatives. They also use the compromised email accounts of employees.

Want to learn more?

Read about the risks and how to protect yourself and recover from BEC on our Preventing Business Email Compromise page.

If you’ve been targeted  

  1. Report to authorities: Report the incident to us at ReportCyber.
  2. Check account security: Secure any compromised accounts.  
  3. Notify contacts and relevant third parties: Alert other employees and clients. Certain businesses have mandatory reporting obligations with regards to customer data breaches.    
  4. Seek assistance defending your online brand: Domain names are your internet mail address and your online business identity. If your company has been impersonated, reach out on ReportCyber.  
  5. Contact the email provider: If someone is using an email service to impersonate you (like Gmail or, report this to the provider. 


Was this information helpful?

Thanks for your feedback!


Tell us why this information was helpful and we’ll work on making more pages like it