(To download the 2021 Business Email Compromise Report, please complete form at right.)
Business Email Compromise (BEC) attacks are one of the financially most damaging cyber crimes. They typically involve phishing emails and social engineering tactics to attack organizations and trick unsuspecting employees
and executives into conducting tasks under the guise of legitimate business activity, often appearing to come from a trusted sender. This report is designed to explore the state of evolving email threats and how organizations are responding to protect themselves (including specific concerns and challenges, solution priorities, and budget trends.)
Key findings include:
• The most commonly seen type of BEC attack is spoofed email account (71%) followed by spear phishing at 69%
• Almost 1 out of 3 organization (30%) state that more than 50% of links received via email lead to a malicious site
• 57% of malicious links in phishing emails intend to steal credentials
• The finance department has a target on its back, 34% of respondents said finance employees are the most frequent victims of spear-phishing attempts
• 43% of organizations have experienced a security incident in the last 12 months, with 35% stating that BEC/phishing attacks account for more than 50% of the incidents
Many thanks to GreatHorn for supporting this important research project.