Carnegie Mellon University

60 Seconds to Better Security: What is BEC Transcript

What is BEC, also known as Business Email Compromise? Ready to learn more? Let's play Double Take!

In BEC attacks, cyber criminals use clever phishing patterns to impersonate people in organizations. To spot these tricks, you'll have to do a double take. Scammers may try to trick you by using a compromised email account or sending spoofed emails with a sending address disguised to look like it's from a trusted source. BEC is often used for wire transfer fraud, where scammers trick a person into wiring money into an account they control. Or, they may ask for financial data statement to use in tax fraud or other crimes. Phishing emails may be just one part of a BEC attack. Scammers may also use social media and voice phishing to gather details that help them impersonate people and organizations. Even if you're vigilant, some BEC attacks are nearly impossible to spot. Any time you get a request for a wire transfer or sensitive information, you should always independently confirm it via a phone call. Remember, when it comes to cybersecurity, we all need to level up!

Return to 60 Seconds to Better Security Videos