Business Email Compromise (BEC) is a cyber-enabled financial fraud scheme in which attackers use social engineering or email account intrusions—often via phishing—to impersonate trusted parties and trick businesses or individuals into authorizing unauthorized transfers of funds or sensitive data.
For information about BEC, please view guidance on this topic from:
- FinCEN;
- the IC3;
- the Cybersecurity & Infrastructure Security Agency (CISA);
- the National Institute of Standards and Technology (NIST).