Email-based cyberattacks are rampant. If we go by figures, the U.S. Cybersecurity and Infrastructure Security Agency reports that 90% of successful cyberattacks begin with phishing emails. While phishing emails can target individuals and businesses of all sizes, attackers may prefer to double down their aim at senior-level employees to increase their chances of catching a big bag.

Popularly known as business email compromise, this type of email scam, which often involves impersonating executives or other high-level officials to trick employees into transferring money or revealing sensitive information, is a growing threat today, costing organizations billions of dollars annually.

This feature, written by Franklin Okeke for TechRepublic Premium, examines the disturbing evolution of BEC tradecraft, assesses the current state of this billion-dollar enterprise threat and outlines concrete steps organizations can take to get ahead of the curve.

Featured text from the download:

WHY BEC ATTACKS ARE ON THE RISE

BEC shows no signs of slowing down because it checks several boxes for cybercriminals — it’s immensely lucrative, can be perpetrated remotely with little risk and doesn’t require advanced technical expertise. As a social engineering-driven financial scam, BEC bypasses many traditional security controls and targets an organization’s most vulnerable attack vector: its people. Several factors have fueled the proliferation of these pernicious attacks. Notable among these factors are the ones below:

Increased reliance on email for business workflows

According to a report by Radicati Group, the total number of business and consumer emails sent and received will exceed 361 billion in 2024 and is projected to grow to over 408 billion at the end of 2027. The report shows more businesses are adopting email as a tool for streamlining their workflow communications. However, one downside of this channel is that it can open attack surfaces for cybercriminals to operate. Cybercriminals can impersonate legitimate partners and deceive executives into authorizing fraudulent wire transfers.

Enhance your cybersecurity knowledge with our in-depth 10-page PDF. This is available for download at just $9. Alternatively, enjoy complimentary access with a Premium annual subscription. Click here to find out more.

TIME SAVED: Crafting this content required 20 hours of dedicated writing, editing and research.