Business Email Compromise

Discover how attackers exploit organizational transitions and compromised email accounts to execute sophisticated financial fraud through multi-stage deception and psychological manipulation.

What You'll Learn

  • Recognize how legitimate email accounts can be compromised and weaponized for fraud
  • Understand how attackers exploit organizational changes like mergers to create confusion
  • Learn to identify preparatory attacks that establish false legitimacy before main requests
  • Master verification procedures requiring voice confirmation for financial transactions
  • Develop awareness of domain spoofing techniques using similar-looking domains
  • Understand the importance of multi-person authorization for significant transfers

Training Steps

  1. Introduction

    Alice Thompson is a Financial Manager at Nexlify Solutions, a mid-sized software company. Last week, Nexlify was acquired by GlobalTech Industries, a multinational corporation. The merger has created a whirlwind of activity: new processes, unfamiliar systems, and countless emails from the parent company's various departments.

  2. The Chaos of Transition

    Alice's desk is cluttered with merger documents, and her inbox is overflowing with messages from GlobalTech employees she's never met before. The transition has been overwhelming, with new vendor approvals, budget reconciliations, and urgent requests coming in hourly. She barely has time to process everything properly, let alone verify every single communication through official channels.

  3. The Deceptive Newsletter

    Alice notices a new email in her inbox from 'GlobalTech Communications' with the subject line '[URGENT, FOR FINANCE MANAGERS] - New Partnership Announcement.' She clicks the email since the subject implies it's for her. The sender's email address appears to be news@globaltech-corp.net, which looks official enough given all the GlobalTech domains she's been seeing lately.

  4. Clicking the Link

    Alice clicks on the link to read more about the new supplier partnership, thinking it's important to stay informed about parent company developments. The browser opens to what appears to be GlobalTech's internal news portal, complete with company branding and recent merger-related articles.

  5. Introduction

    The article discusses GlobalTech's strategic partnership with 'Meridian Supply Solutions' and emphasizes the urgent need to establish payment channels for immediate project implementation. The website looks professional and contains other legitimate-seeming corporate news, making Alice believe this is genuine company information. However, this is actually Bob's fake website designed to look like GlobalTech's portal. By clicking the link, Alice has unknowingly validated her email address and confirmed she's actively reading communications that appear to be from GlobalTech. Bob now knows his social engineering approach is working and that Alice is engaged with content about the fake supplier.

  6. The Urgent Financial Request

    Thirty minutes later, Alice receives another email, this time from the legitimate GlobalTech email system.

  7. The Fatal Decision

    Against her better judgment, Alice decides to process the transfer. She reasons that the email came from a GlobalTech Finance Manager, references the official partnership announcement, and carries an urgent business justification. With everything happening so quickly since the merger, she assumes this must be part of the new corporate procedures she hasn't been fully briefed on yet.

  8. Accessing Payment System

    Alice logs into Nexlify's financial portal and initiates a wire transfer for $85,000 to the bank account details provided in Michael Chen's email.

  9. Submitting The Transfer Details

    She feels a lingering sense of unease but pushes it aside, telling herself she was following instructions from the parent company's finance leadership.

  10. The Shocking Phone Call

    Answer the incoming phone call from CEO James Morrison.

Knowledge Check Questions

This training includes a 6-question quiz to test your understanding of Business Email Compromise threats and defenses.

  • What does 'Business Email Compromise' (BEC) refer to?
  • Which of the following are common tactics used in BEC attacks? (Select all that apply)
  • You receive an email from your CEO, which seems urgent, asking you to immediately process a payment to a new supplier for a critical project. What should you do before processing the payment?
  • What are potential consequences of falling victim to a BEC attack? (Select all that apply)
  • Which of these are effective measures an organization can implement to prevent BEC attacks? (Select all that apply)

Category: Business Email Compromise Security Training

Duration: Approximately 31 minutes

Format: Interactive 3D Simulation

Provider: RansomLeak Security Awareness Training