Business Email Compromise 101
– It’s Still Really Effective
According to the FBI’s Internet Crime Complaint Center (IC3), losses from BEC surpassed $1.8 billion in 2020 – an average of $93,000 per incident.
BEC is challenging to prevent, especially when vendors are compromised, but SpyCloud believes prevention begins with addressing the human attack surface, particularly the prevalence of poor password hygiene. When passwords are reused between employees’ or vendors’ work and personal accounts, credentials that have already been exposed in a data breach are fair game for use in BEC campaigns.
This report examines the very human problem of password reuse and the social engineering tactics used by criminals to dupe organizations. As this report explains, all it takes to steal from your business is a single compromised account.
The SpyCloud Difference
Truly Actionable Recaptured Data
SpyCloud solutions are backed by the world’s most current and comprehensive repository of recaptured data from breaches, malware infections, and other underground sources – with billions of exposed credentials and PII. It’s the same data that fraudsters use, but we make it actionable to prevent account takeover, ransomware attacks, and online fraud.
Check Your Exposure
See your real-time breach exposure details powered by SpyCloud data.