{"id":1871,"date":"2023-12-15T14:28:49","date_gmt":"2023-12-15T11:28:49","guid":{"rendered":"https:\/\/mailsafi.com\/blog\/?p=1871"},"modified":"2023-12-15T14:55:37","modified_gmt":"2023-12-15T11:55:37","slug":"what-is-business-email-compromise","status":"publish","type":"post","link":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/","title":{"rendered":"The High Cost of Business Email Compromise (BEC)"},"content":{"rendered":"\n<p>The most common type of cyberattack that businesses suffer from today begins with fraudulent emails. According to a report by the United States FBI, worldwide losses resulting from business email compromise scams amount to over 26 billion dollars over the past three years. This figure continues to rise more so due to the COVID-19 pandemic.<\/p>\n\n\n\n<p>Since the onset of the pandemic, researchers have reported an over 30% increase in fund transfer fraud incidents and social engineering, in addition to the rise in the severity of ransomware attacks. Each business email compromise event is said to cost businesses thousands to one million dollars in revenue loss.<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_49 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"ez-toc-toggle-icon-1\"><label for=\"item-69de2163a35ea\" aria-label=\"Table of Content\"><span style=\"display: flex;align-items: center;width: 35px;height: 30px;justify-content: center;direction:ltr;\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/label><input  type=\"checkbox\" id=\"item-69de2163a35ea\"><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#1_What_is_Business_Email_Compromise_BEC\" title=\"1. What is Business Email Compromise (BEC)?\">1. What is Business Email Compromise (BEC)?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#2_Business_Email_Compromise_BEC_vs_Email_Account_Compromise_BAC\" title=\"2. Business Email Compromise (BEC) vs. Email Account Compromise (BAC)\">2. Business Email Compromise (BEC) vs. Email Account Compromise (BAC)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#3_The_Significance_of_Business_Email_Compromise_BEC_Exploits\" title=\"3. The Significance of Business Email Compromise (BEC) Exploits \">3. The Significance of Business Email Compromise (BEC) Exploits <\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#4_How_Business_Email_Compromise_BEC_Works\" title=\"4. How Business Email Compromise (BEC) Works\">4. How Business Email Compromise (BEC) Works<\/a><ul class='ez-toc-list-level-3'><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#41_The_research\" title=\" 4.1 The research\"> 4.1 The research<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#42_Collecting_the_data_with_social_engineering\" title=\"4.2 Collecting the data with social engineering\">4.2 Collecting the data with social engineering<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#43_Email_account_compromise\" title=\"4.3 Email account compromise\">4.3 Email account compromise<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#44_The_Fraud\" title=\"4.4 The Fraud\">4.4 The Fraud<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#45_The_painful_realization\" title=\"4.5 The painful realization\">4.5 The painful realization<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#5_Common_Types_of_BEC_Exploits\" title=\"5. Common Types of BEC Exploits\">5. Common Types of BEC Exploits<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#6_How_to_Spot_a_BEC_Exploit\" title=\"6. How to Spot a BEC Exploit\">6. How to Spot a BEC Exploit<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#7_The_Do%E2%80%99s_and_Don%E2%80%99ts\" title=\"7. The Do&#8217;s and Don&#8217;ts\">7. The Do&#8217;s and Don&#8217;ts<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#8_How_to_Prevent_Business_Email_Compromise_BEC_Exploits\" title=\"8. How to Prevent Business Email Compromise (BEC) Exploits\">8. How to Prevent Business Email Compromise (BEC) Exploits<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#9_How_MailSafi_Prevents_Business_Email_Compromise_BEC_Exploits\" title=\"9. How MailSafi Prevents Business Email Compromise (BEC) Exploits\">9. How MailSafi Prevents Business Email Compromise (BEC) Exploits<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading has-vivid-red-color has-text-color\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"1_What_is_Business_Email_Compromise_BEC\"><\/span>1. What is Business Email Compromise (BEC)?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>BEC is a form of cyberattack that targets both businesses and individuals. It is referred to as business email compromise as the scam begins with gaining access to a business email. <\/p>\n\n\n\n<p>Business email is email that is specifically used for business. Unlike a personal email address, a business email address contains the company&#8217;s name. It is a professional email identification that not only portrays authority but also advertises the company&#8217;s brand in every communication. For these benefits and more, organizations use business email hosted by email hosting service providers.<\/p>\n\n\n\n<p>Read more on the <strong><a href=\"https:\/\/mailsafi.com\/blog\/benefits-of-cloud-or-hosted-email-for-business\/\" target=\"_blank\" rel=\"noreferrer noopener\"><span class=\"has-inline-color has-vivid-cyan-blue-color\">benefits of business email hosting services<\/span><\/a><\/strong>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-red-color has-text-color\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"2_Business_Email_Compromise_BEC_vs_Email_Account_Compromise_BAC\"><\/span>2. Business Email Compromise (BEC) vs. Email Account Compromise (BAC)<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Business email compromise is also commonly referred to as <em>email account compromise<\/em>. A business email account is said to be compromised when an unauthorized user gains access to said email and uses various tactics to impersonate the email account owner. <\/p>\n\n\n\n<p>Although both terms are used interchangeably, there is a slight difference between the two terms. The difference comes in with the end game of each exploit.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.mailsafi.com\/business-email-compromise-bec-or-eac\">Business email compromise<\/a> is an exploit where an attacker hacks into a corporate email account and impersonates the real owner. BEC&#8217;s end game is to defraud the company, its customers, partners, and\/or employees into sending money or sensitive data to the attacker\u2019s account. However, with email account compromise, the cybercriminal gains access to the email account but does not necessarily alter it. He\/she uses the account to;<\/p>\n\n\n\n<ul>\n<li>Send out large-scale phishing campaigns from the compromised account. This is easy to achieve from a trusted source that is now compromised.<\/li>\n\n\n\n<li>Intercepting conversations about wired transfers and inserting themselves to seize the opportunity to steal the funds<\/li>\n\n\n\n<li>Send more targeted payment requests for fake invoices to employees with the company to do so in your finance department.<\/li>\n<\/ul>\n\n\n\n<p>Additionally, business email compromise exploits are also called <em>man-in-the-email attacks. The name is derived from <\/em>man-in-the-middle, which implies a situation where a third party intercepts and possibly alters the communication between two unsuspecting parties, usually to defraud the parties involved.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-red-color has-text-color\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"3_The_Significance_of_Business_Email_Compromise_BEC_Exploits\"><\/span>3. The Significance of Business Email Compromise (BEC) Exploits <span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p><strong>Why should any organization worry about suffering from a BEC exploit?<\/strong><\/p>\n\n\n\n<p>Firstly, as mentioned earlier, research estimates that BEC exploits cost businesses between thousands to one million dollars per event. Such losses can break or significantly stall the progress of any organization. <\/p>\n\n\n\n<p>Secondly, BEC exploits are a targeted email threat. This means that everything about how cybercriminals begin and execute business email compromise scams is designed to attack a specific target. These specific targets can be high-level employees in the finance department and C-suite members such as CEOs.<\/p>\n\n\n\n<p><strong>Why them?<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"900\" height=\"567\" src=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/bigstock-Login-Into-Account-In-Email-En-239697814.jpg\" alt=\"\" class=\"wp-image-1894\" srcset=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/bigstock-Login-Into-Account-In-Email-En-239697814.jpg 900w, https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/bigstock-Login-Into-Account-In-Email-En-239697814-300x189.jpg 300w, https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/bigstock-Login-Into-Account-In-Email-En-239697814-768x484.jpg 768w\" sizes=\"(max-width: 900px) 100vw, 900px\" \/><\/figure>\n\n\n\n<p>BEC scams target employees in an organization with access to sensitive information or the power to authorize and request the transfer of funds without raising too many eyebrows. These are usually employees in the finance or human resource departments as well as C-suite members. This is why you will hear terms like CEO fraud, CEO impersonation or CEO phishing surround business email compromise exploits.<\/p>\n\n\n\n<p>Thirdly, as we discussed, the end game of BEC scams is fraud. Cybercriminals will spend days conducting in-depth research on your weakest link &#8211; your employees. They commit time and resources in selecting the best staff member after which they will hack into their email accounts. Once in, the criminals use social engineering tactics &#8211; we will discuss these later &#8211; to impersonate the owner of the account and defraud the company. If you think that is not easily attainable or effective, think again.<\/p>\n\n\n\n<p>Using various forms of spoofing such as email, domain and website spoofing, cybercriminals can pose as that manager with the reputation of a tyrant at your office. He\/she says, &#8220;Jump,&#8221; and you ask, &#8220;How high?&#8221; If the cybercriminal disguised as your least favorite manager sends an email requesting an urgent transfer of funds, how likely are you to blindly oblige? I would say, very likely.<\/p>\n\n\n\n<p>Cybercriminals depend on the misplaced assurance that high-level employees may have. No one believes they can be hacked. Add the natural instinct we as humans have to obey authority, and cybercriminals have a well-cooked plan of destruction.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-red-color has-text-color\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"4_How_Business_Email_Compromise_BEC_Works\"><\/span>4. How Business Email Compromise (BEC) Works<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"font-size:24px\"><span class=\"ez-toc-section\" id=\"41_The_research\"><\/span><strong><span class=\"has-inline-color has-vivid-red-color\"> 4.1 The research<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>A business email compromise exploit starts with research. The cybercriminal conducts a deep dive into members of your organization. This includes social media accounts, online buying behavior and other sources of data that are not necessarily publicly available.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"font-size:24px\"><span class=\"ez-toc-section\" id=\"42_Collecting_the_data_with_social_engineering\"><\/span><strong><span class=\"has-inline-color has-vivid-red-color\">4.2 Collecting the data with social engineering<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>In addition to research, the cybercriminal uses various social engineering tactics that trick your employees into divulging sensitive corporate data when it is not so readily available. <\/p>\n\n\n\n<p>Social engineering, just as the name suggests, is a form of attack that relies on how you and I think and act. It is a tactic that involves tricking unsuspecting users into giving access to restricted systems, downloading malware, or giving up sensitive corporate data. This is done by manipulating human behavior. Types of social engineering attacks include vishing, phishing, scareware, pretexting and water-holing.<\/p>\n\n\n\n<p>The cybercriminal uses social engineering attacks to manipulate you emotionally. Socially engineered emails will use heightened emotions of fear or excitement to get your employees to react and perform certain actions such as downloading a malicious attachment. They will build a false sense of trust by appearing as a legitimate source you would not question.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"font-size:24px\"><span class=\"ez-toc-section\" id=\"43_Email_account_compromise\"><\/span><strong><span class=\"has-inline-color has-vivid-red-color\">4.3 Email account compromise<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>The criminal now has all he needs to hack into your CFO&#8217;s email account, for example. Once he\/she gains access to the account, he\/she uses spoofing to impersonate your CFO. The cybercriminal spoofs your CFO&#8217;s email address or a domain, for example, instructing a wire transfer to Paypa1.com instead of Paypal.com.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"font-size:24px\"><span class=\"ez-toc-section\" id=\"44_The_Fraud\"><\/span><strong><span class=\"has-inline-color has-vivid-red-color\">4.4 The Fraud<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>The attacker sends an email to your finance department instructing your personnel to transfer funds to a supplier, client; it could be anyone. The wire transfer destination looks legitimate; you don&#8217;t want to keep your boss waiting, and you want to save the day. Your personnel quickly transfers the funds and pats him\/herself on the back.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"font-size:24px\"><span class=\"ez-toc-section\" id=\"45_The_painful_realization\"><\/span><strong><span class=\"has-inline-color has-vivid-red-color\">4.5 The painful realization<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>As is most organizations&#8217; protocol, your staff in accounts are obligated to notify top-level managers of any fund transfers, or better yet, they receive an automatic notification. Sooner or later, you realize that the worst has happened. Your IT department will try its best to recover the funds but the attacker is long gone, vanished into the dark corners of the internet. Nothing more than damage control can be done at this point.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-red-color has-text-color\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"5_Common_Types_of_BEC_Exploits\"><\/span>5. Common Types of BEC Exploits<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"599\" height=\"584\" src=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/email-and-fishhook-phishing.jpg\" alt=\"Login into account and fishing hook.\" class=\"wp-image-1915\" srcset=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/email-and-fishhook-phishing.jpg 599w, https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/email-and-fishhook-phishing-300x292.jpg 300w\" sizes=\"(max-width: 599px) 100vw, 599px\" \/><\/figure>\n\n\n\n<p><strong>CEO fraud<\/strong>; when a fake email is sent from a business executive&#8217;s email account to employees asking for an urgent transfer of funds to the cybercriminal&#8217;s account.<\/p>\n\n\n\n<p><strong>The fake attorney scam<\/strong>; here, the cybercriminal sends an email to your employees posing as the company lawyer, for example. He\/she claims to be handling time-sensitive confidential matters and instructs an urgent transfer of funds.<\/p>\n\n\n\n<p><strong>The fake invoice scam<\/strong>; the attacker poses as a trusted company vendor or supplier. Using a fake invoice, the attacker asks for payment that is directed to a fraudulent bank account<\/p>\n\n\n\n<p><strong>The HR scam<\/strong>; the cybercriminal wants access to personally identifiable information (PII) and not money. He\/she, therefore, poses as a strategic person in the HR department and requests information from your employees.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-red-color has-text-color\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"6_How_to_Spot_a_BEC_Exploit\"><\/span>6. How to Spot a BEC Exploit<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>There are several red flags that can help your employees sniff out a BEC scam. With awareness training and close scrutiny, the following signs are evident;<\/p>\n\n\n\n<ol>\n<li>Spoofed sender domain, spoofed email address and spoofed URLs<\/li>\n\n\n\n<li>Time-sensitive and confidential requests<\/li>\n\n\n\n<li>Requests to transfer funds immediately<\/li>\n\n\n\n<li>Urgent subject lines such as payment notice, payment inquiry, bank transfer inquiry, etc<\/li>\n\n\n\n<li>Use of generic terms such as <em>sir <\/em>or <em>madam <\/em>rather than real names<\/li>\n\n\n\n<li>Unfamiliar invoices <\/li>\n\n\n\n<li>Unfamiliar bank accounts different from those normally used<\/li>\n\n\n\n<li>Messages from personal mailboxes or mobile. Usually, the sender pretends to be traveling and signatures indicates it&#8217;s coming from a mobile<\/li>\n\n\n\n<li>Requests that ask you to bypass normal procedures and protocols<\/li>\n<\/ol>\n\n\n\n<p>Now knowing how to spot a BEC scam, let&#8217;s talk about the do&#8217;s and don&#8217;ts when dealing with BEC or EAC attacks.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-red-color has-text-color\"><span class=\"ez-toc-section\" id=\"7_The_Do%E2%80%99s_and_Don%E2%80%99ts\"><\/span>7. The Do&#8217;s and Don&#8217;ts<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p><strong>Do <\/strong>verbally verify all requests for fund transfers or sensitive information. <strong>Don&#8217;t <\/strong>carry out requests without confirming their authenticity.<\/p>\n\n\n\n<p><strong>Do <\/strong>double check the sender&#8217;s email address. <strong>Don&#8217;t <\/strong>reply to a suspicious email. Contact the sender directly or forward the email to the correct email address.<\/p>\n\n\n\n<p><strong>Do <\/strong>double check links in suspicious emails by hovering over the anchor text. This will reveal the true destination of the link. <strong>Don&#8217;t <\/strong>click on links or download attachments from suspicious emails<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-red-color has-text-color\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"8_How_to_Prevent_Business_Email_Compromise_BEC_Exploits\"><\/span>8. How to Prevent Business Email Compromise (BEC) Exploits<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ol>\n<li>Have email security solutions in place. For example, an effective email filtering system that not only identifies malicious payloads but one that is context-aware and has other social engineering safeguards<\/li>\n\n\n\n<li>Deploy network controls for your employees&#8217; downloads. This prevents malware from being downloaded into your network<\/li>\n\n\n\n<li>Train your employees on email security best practices and vigilance. Conduct simulations and trainings to determine if they can identify BEC exploits<\/li>\n\n\n\n<li>Always verify. Verify payment requests, instructions and invoices before acting on them to ensure they are authentic<\/li>\n\n\n\n<li>Employ <strong><a href=\"https:\/\/mailsafi.com\/blog\/two-factor-2fa-authentication-why-you-should-use-it\/\" target=\"_blank\" rel=\"noreferrer noopener\"><span class=\"has-inline-color has-vivid-cyan-blue-color\">two-factor authentication<\/span><\/a><\/strong> process for all payments<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading has-vivid-red-color has-text-color\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"9_How_MailSafi_Prevents_Business_Email_Compromise_BEC_Exploits\"><\/span>9. How MailSafi Prevents Business Email Compromise (BEC) Exploits<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p><a href=\"https:\/\/www.mailsafi.com\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong><span class=\"has-inline-color has-vivid-cyan-blue-color\">MailSafi email security<\/span><\/strong><\/a> includes targeted threat protection and impersonation protection. These not only identify emails with malicious payloads but also scans all incoming emails for phrases such as &#8220;urgent wire transfer&#8221; and other warning signs of social engineering. It is a comprehensive solution that combats BEC exploits using <a href=\"https:\/\/mailsafi.com\/blog\/8-reasons-why-you-should-outsource-your-spam-filtering\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong><span class=\"has-inline-color has-vivid-cyan-blue-color\">cloud-based filtering gateways<\/span><\/strong>,<\/a> 99.9% anti-malware protection, secure email options and targeted threat protection.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.mailsafi.com\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong><span class=\"has-inline-color has-vivid-cyan-blue-color\">MailSafi email security<\/span><\/strong><\/a> prevents unauthorized access of email on all devices. This is especially important for employees working remotely or working from home where personal devices are not as well protected as corporate devices.<\/p>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\">Contact us to learn more about how <a href=\"https:\/\/www.mailsafi.com\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong><span class=\"has-inline-color has-vivid-cyan-blue-color\">MailSafi Email Security<\/span><\/strong><\/a> protects organizations from the high cost of business email compromise (BEC) exploits.<\/p>\n<div class=\"pvc_clear\"><\/div><p id=\"pvc_stats_1871\" class=\"pvc_stats all  \" data-element-id=\"1871\" style=\"\"><i class=\"pvc-stats-icon large\" aria-hidden=\"true\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.0\" viewBox=\"0 0 502 315\" preserveAspectRatio=\"xMidYMid meet\"><g transform=\"translate(0,332) scale(0.1,-0.1)\" fill=\"\" stroke=\"none\"><path d=\"M2394 3279 l-29 -30 -3 -207 c-2 -182 0 -211 15 -242 39 -76 157 -76 196 0 15 31 17 60 15 243 l-3 209 -33 29 c-26 23 -41 29 -80 29 -41 0 -53 -5 -78 -31z\"\/><path d=\"M3085 3251 c-45 -19 -58 -50 -96 -229 -47 -217 -49 -260 -13 -295 52 -53 146 -42 177 20 16 31 87 366 87 410 0 70 -86 122 -155 94z\"\/><path d=\"M1751 3234 c-13 -9 -29 -31 -37 -50 -12 -29 -10 -49 21 -204 19 -94 39 -189 45 -210 14 -50 54 -80 110 -80 34 0 48 6 76 34 21 21 34 44 34 59 0 14 -18 113 -40 219 -37 178 -43 195 -70 221 -36 32 -101 37 -139 11z\"\/><path d=\"M1163 3073 c-36 -7 -73 -59 -73 -102 0 -56 133 -378 171 -413 34 -32 83 -37 129 -13 70 36 67 87 -16 290 -86 209 -89 214 -129 231 -35 14 -42 15 -82 7z\"\/><path d=\"M3689 3066 c-15 -9 -33 -30 -42 -48 -48 -103 -147 -355 -147 -375 0 -98 131 -148 192 -74 13 15 57 108 97 206 80 196 84 226 37 273 -30 30 -99 39 -137 18z\"\/><path d=\"M583 2784 c-38 -19 -67 -74 -58 -113 9 -42 211 -354 242 -373 16 -10 45 -18 66 -18 51 0 107 52 107 100 0 39 -1 41 -124 234 -80 126 -108 162 -133 173 -41 17 -61 16 -100 -3z\"\/><path d=\"M4250 2784 c-14 -9 -74 -91 -133 -183 -95 -150 -107 -173 -107 -213 0 -55 33 -94 87 -104 67 -13 90 8 211 198 130 202 137 225 78 284 -27 27 -42 34 -72 34 -22 0 -50 -8 -64 -16z\"\/><path d=\"M2275 2693 c-553 -48 -1095 -270 -1585 -649 -135 -104 -459 -423 -483 -476 -23 -49 -22 -139 2 -186 73 -142 361 -457 571 -626 285 -228 642 -407 990 -497 242 -63 336 -73 660 -74 310 0 370 5 595 52 535 111 1045 392 1455 803 122 121 250 273 275 326 19 41 19 137 0 174 -41 79 -309 363 -465 492 -447 370 -946 591 -1479 653 -113 14 -422 18 -536 8z m395 -428 c171 -34 330 -124 456 -258 112 -119 167 -219 211 -378 27 -96 24 -300 -5 -401 -72 -255 -236 -447 -474 -557 -132 -62 -201 -76 -368 -76 -167 0 -236 14 -368 76 -213 98 -373 271 -451 485 -162 444 86 934 547 1084 153 49 292 57 452 25z m909 -232 c222 -123 408 -262 593 -441 76 -74 138 -139 138 -144 0 -16 -233 -242 -330 -319 -155 -123 -309 -223 -461 -299 l-81 -41 32 46 c18 26 49 83 70 128 143 306 141 649 -6 957 -25 52 -61 116 -79 142 l-34 47 45 -20 c26 -10 76 -36 113 -56z m-2057 25 c-40 -58 -105 -190 -130 -263 -110 -324 -59 -707 132 -981 25 -35 42 -64 37 -64 -19 0 -241 119 -326 174 -188 122 -406 314 -532 468 l-58 71 108 103 c185 178 428 349 672 473 66 33 121 60 123 61 2 0 -10 -19 -26 -42z\"\/><path d=\"M2375 1950 c-198 -44 -350 -190 -395 -379 -18 -76 -8 -221 19 -290 114 -284 457 -406 731 -260 98 52 188 154 231 260 27 69 37 214 19 290 -38 163 -166 304 -326 360 -67 23 -215 33 -279 19z\"\/><\/g><\/svg><\/i> <img loading=\"lazy\" decoding=\"async\" width=\"16\" height=\"16\" alt=\"Loading\" src=\"https:\/\/mailsafi.com\/blog\/wp-content\/plugins\/page-views-count\/ajax-loader-2x.gif\" border=0 \/><\/p><div class=\"pvc_clear\"><\/div>","protected":false},"excerpt":{"rendered":"<p>Business email compromise is also commonly referred to as email account compromise. A business email account is said to be compromised when an unauthorized user gains access to said email and uses various tactics to impersonate the owner of the email account. <\/p>\n<div class=\"pvc_clear\"><\/div>\n<p id=\"pvc_stats_1871\" class=\"pvc_stats all  \" data-element-id=\"1871\" style=\"\"><i class=\"pvc-stats-icon large\" aria-hidden=\"true\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.0\" viewBox=\"0 0 502 315\" preserveAspectRatio=\"xMidYMid meet\"><g transform=\"translate(0,332) scale(0.1,-0.1)\" fill=\"\" stroke=\"none\"><path d=\"M2394 3279 l-29 -30 -3 -207 c-2 -182 0 -211 15 -242 39 -76 157 -76 196 0 15 31 17 60 15 243 l-3 209 -33 29 c-26 23 -41 29 -80 29 -41 0 -53 -5 -78 -31z\"\/><path d=\"M3085 3251 c-45 -19 -58 -50 -96 -229 -47 -217 -49 -260 -13 -295 52 -53 146 -42 177 20 16 31 87 366 87 410 0 70 -86 122 -155 94z\"\/><path d=\"M1751 3234 c-13 -9 -29 -31 -37 -50 -12 -29 -10 -49 21 -204 19 -94 39 -189 45 -210 14 -50 54 -80 110 -80 34 0 48 6 76 34 21 21 34 44 34 59 0 14 -18 113 -40 219 -37 178 -43 195 -70 221 -36 32 -101 37 -139 11z\"\/><path d=\"M1163 3073 c-36 -7 -73 -59 -73 -102 0 -56 133 -378 171 -413 34 -32 83 -37 129 -13 70 36 67 87 -16 290 -86 209 -89 214 -129 231 -35 14 -42 15 -82 7z\"\/><path d=\"M3689 3066 c-15 -9 -33 -30 -42 -48 -48 -103 -147 -355 -147 -375 0 -98 131 -148 192 -74 13 15 57 108 97 206 80 196 84 226 37 273 -30 30 -99 39 -137 18z\"\/><path d=\"M583 2784 c-38 -19 -67 -74 -58 -113 9 -42 211 -354 242 -373 16 -10 45 -18 66 -18 51 0 107 52 107 100 0 39 -1 41 -124 234 -80 126 -108 162 -133 173 -41 17 -61 16 -100 -3z\"\/><path d=\"M4250 2784 c-14 -9 -74 -91 -133 -183 -95 -150 -107 -173 -107 -213 0 -55 33 -94 87 -104 67 -13 90 8 211 198 130 202 137 225 78 284 -27 27 -42 34 -72 34 -22 0 -50 -8 -64 -16z\"\/><path d=\"M2275 2693 c-553 -48 -1095 -270 -1585 -649 -135 -104 -459 -423 -483 -476 -23 -49 -22 -139 2 -186 73 -142 361 -457 571 -626 285 -228 642 -407 990 -497 242 -63 336 -73 660 -74 310 0 370 5 595 52 535 111 1045 392 1455 803 122 121 250 273 275 326 19 41 19 137 0 174 -41 79 -309 363 -465 492 -447 370 -946 591 -1479 653 -113 14 -422 18 -536 8z m395 -428 c171 -34 330 -124 456 -258 112 -119 167 -219 211 -378 27 -96 24 -300 -5 -401 -72 -255 -236 -447 -474 -557 -132 -62 -201 -76 -368 -76 -167 0 -236 14 -368 76 -213 98 -373 271 -451 485 -162 444 86 934 547 1084 153 49 292 57 452 25z m909 -232 c222 -123 408 -262 593 -441 76 -74 138 -139 138 -144 0 -16 -233 -242 -330 -319 -155 -123 -309 -223 -461 -299 l-81 -41 32 46 c18 26 49 83 70 128 143 306 141 649 -6 957 -25 52 -61 116 -79 142 l-34 47 45 -20 c26 -10 76 -36 113 -56z m-2057 25 c-40 -58 -105 -190 -130 -263 -110 -324 -59 -707 132 -981 25 -35 42 -64 37 -64 -19 0 -241 119 -326 174 -188 122 -406 314 -532 468 l-58 71 108 103 c185 178 428 349 672 473 66 33 121 60 123 61 2 0 -10 -19 -26 -42z\"\/><path d=\"M2375 1950 c-198 -44 -350 -190 -395 -379 -18 -76 -8 -221 19 -290 114 -284 457 -406 731 -260 98 52 188 154 231 260 27 69 37 214 19 290 -38 163 -166 304 -326 360 -67 23 -215 33 -279 19z\"\/><\/g><\/svg><\/i> <img loading=\"lazy\" decoding=\"async\" width=\"16\" height=\"16\" alt=\"Loading\" src=\"https:\/\/mailsafi.com\/blog\/wp-content\/plugins\/page-views-count\/ajax-loader-2x.gif\" border=0 \/><\/p>\n<div class=\"pvc_clear\"><\/div>\n","protected":false},"author":2,"featured_media":1892,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[3],"tags":[107,198,199],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What Is the real cost of a compromised Business Email<\/title>\n<meta name=\"description\" content=\"Business email compromise is an exploit where an attacker hacks into a corporate e-mail account &amp; impersonates the real owner to commit fraud\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"MailSafi | What is Business Email Compromise?\" \/>\n<meta property=\"og:description\" content=\"In business email compromise exploits, an attacker will compromise or imitate a legitimate business account, and then use this account to request fraudulent payments from customers or contacts. While simple in concept, these attacks are highly damaging, and difficult to prevent.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/\" \/>\n<meta property=\"og:site_name\" content=\"The MailSafi Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/msgafricaltd\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-15T11:28:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-15T11:55:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"710\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Zacharia Kimotho\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@msgafricaltd\" \/>\n<meta name=\"twitter:site\" content=\"@msgafricaltd\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Zacharia Kimotho\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/\"},\"author\":{\"name\":\"Zacharia Kimotho\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/0c153202a6d3e554d8882d0470537bfe\"},\"headline\":\"The High Cost of Business Email Compromise (BEC)\",\"datePublished\":\"2023-12-15T11:28:49+00:00\",\"dateModified\":\"2023-12-15T11:55:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/\"},\"wordCount\":1775,\"publisher\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg\",\"keywords\":[\"business email compromise\",\"business email security\",\"man-in-the-email attacks\"],\"articleSection\":[\"Email Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/\",\"url\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/\",\"name\":\"What Is the real cost of a compromised Business Email\",\"isPartOf\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg\",\"datePublished\":\"2023-12-15T11:28:49+00:00\",\"dateModified\":\"2023-12-15T11:55:37+00:00\",\"description\":\"Business email compromise is an exploit where an attacker hacks into a corporate e-mail account & impersonates the real owner to commit fraud\",\"breadcrumb\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#primaryimage\",\"url\":\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg\",\"contentUrl\":\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg\",\"width\":710,\"height\":400,\"caption\":\"spam-phishing\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/mailsafi.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The High Cost of Business Email Compromise (BEC)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#website\",\"url\":\"https:\/\/mailsafi.com\/blog\/\",\"name\":\"The MailSafi Blog\",\"description\":\"We Stop Spam\",\"publisher\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/mailsafi.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#organization\",\"name\":\"Message Labs Africa\",\"url\":\"https:\/\/mailsafi.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Message Labs Africa\"},\"image\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/msgafricaltd\/\",\"https:\/\/x.com\/msgafricaltd\",\"https:\/\/www.linkedin.com\/feed\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/0c153202a6d3e554d8882d0470537bfe\",\"name\":\"Zacharia Kimotho\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/632b62e956742744a010b8a20db354a2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/632b62e956742744a010b8a20db354a2?s=96&d=mm&r=g\",\"caption\":\"Zacharia Kimotho\"},\"description\":\"Zacharia is a passionate SEO expert and content marketer who works at Kaluari Limited, a leading company in the field of Cloud and Email Hosting Solutions. He has been writing and sharing his insights on various topics related to AI, IT, and marketing for over five years. He loves to explore the latest trends and innovations in these domains and how they can benefit businesses and society. He also enjoys learning new skills and tools to enhance his online presence and reach.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/zacharia-kimotho\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What Is the real cost of a compromised Business Email","description":"Business email compromise is an exploit where an attacker hacks into a corporate e-mail account & impersonates the real owner to commit fraud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/","og_locale":"en_US","og_type":"article","og_title":"MailSafi | What is Business Email Compromise?","og_description":"In business email compromise exploits, an attacker will compromise or imitate a legitimate business account, and then use this account to request fraudulent payments from customers or contacts. While simple in concept, these attacks are highly damaging, and difficult to prevent.","og_url":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/","og_site_name":"The MailSafi Blog","article_publisher":"https:\/\/www.facebook.com\/msgafricaltd\/","article_published_time":"2023-12-15T11:28:49+00:00","article_modified_time":"2023-12-15T11:55:37+00:00","og_image":[{"width":710,"height":400,"url":"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg","type":"image\/jpeg"}],"author":"Zacharia Kimotho","twitter_card":"summary_large_image","twitter_creator":"@msgafricaltd","twitter_site":"@msgafricaltd","twitter_misc":{"Written by":"Zacharia Kimotho","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#article","isPartOf":{"@id":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/"},"author":{"name":"Zacharia Kimotho","@id":"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/0c153202a6d3e554d8882d0470537bfe"},"headline":"The High Cost of Business Email Compromise (BEC)","datePublished":"2023-12-15T11:28:49+00:00","dateModified":"2023-12-15T11:55:37+00:00","mainEntityOfPage":{"@id":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/"},"wordCount":1775,"publisher":{"@id":"https:\/\/mailsafi.com\/blog\/#organization"},"image":{"@id":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#primaryimage"},"thumbnailUrl":"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg","keywords":["business email compromise","business email security","man-in-the-email attacks"],"articleSection":["Email Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/","url":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/","name":"What Is the real cost of a compromised Business Email","isPartOf":{"@id":"https:\/\/mailsafi.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#primaryimage"},"image":{"@id":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#primaryimage"},"thumbnailUrl":"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg","datePublished":"2023-12-15T11:28:49+00:00","dateModified":"2023-12-15T11:55:37+00:00","description":"Business email compromise is an exploit where an attacker hacks into a corporate e-mail account & impersonates the real owner to commit fraud","breadcrumb":{"@id":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#primaryimage","url":"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg","contentUrl":"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg","width":710,"height":400,"caption":"spam-phishing"},{"@type":"BreadcrumbList","@id":"https:\/\/mailsafi.com\/blog\/what-is-business-email-compromise\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mailsafi.com\/blog\/"},{"@type":"ListItem","position":2,"name":"The High Cost of Business Email Compromise (BEC)"}]},{"@type":"WebSite","@id":"https:\/\/mailsafi.com\/blog\/#website","url":"https:\/\/mailsafi.com\/blog\/","name":"The MailSafi Blog","description":"We Stop Spam","publisher":{"@id":"https:\/\/mailsafi.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mailsafi.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mailsafi.com\/blog\/#organization","name":"Message Labs Africa","url":"https:\/\/mailsafi.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailsafi.com\/blog\/#\/schema\/logo\/image\/","url":"","contentUrl":"","caption":"Message Labs Africa"},"image":{"@id":"https:\/\/mailsafi.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/msgafricaltd\/","https:\/\/x.com\/msgafricaltd","https:\/\/www.linkedin.com\/feed\/"]},{"@type":"Person","@id":"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/0c153202a6d3e554d8882d0470537bfe","name":"Zacharia Kimotho","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/632b62e956742744a010b8a20db354a2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/632b62e956742744a010b8a20db354a2?s=96&d=mm&r=g","caption":"Zacharia Kimotho"},"description":"Zacharia is a passionate SEO expert and content marketer who works at Kaluari Limited, a leading company in the field of Cloud and Email Hosting Solutions. He has been writing and sharing his insights on various topics related to AI, IT, and marketing for over five years. He loves to explore the latest trends and innovations in these domains and how they can benefit businesses and society. He also enjoys learning new skills and tools to enhance his online presence and reach.","sameAs":["https:\/\/www.linkedin.com\/in\/zacharia-kimotho\/"]}]}},"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/posts\/1871"}],"collection":[{"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/comments?post=1871"}],"version-history":[{"count":11,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/posts\/1871\/revisions"}],"predecessor-version":[{"id":3690,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/posts\/1871\/revisions\/3690"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/media\/1892"}],"wp:attachment":[{"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/media?parent=1871"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/categories?post=1871"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/tags?post=1871"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}