Home
HomeGlossaryBusiness Email Compromise

Business Email Compromise

MITRE ATTACK layer: Impact

ON THIS PAGE

Unlock 442% ROI*

Control all your endpoints in a single platform.

4.6/5
Book a Demo

*Return on investment over three years as per the Total Economic Impact™ (TEI) study by Forrester

Business Email Compromise is financial fraud in which an attacker impersonates a real person, usually an executive or finance staff, and convinces someone to send money or sensitive data voluntarily. It’s the abuse of organizational trust systems that just happen to run over email.

How is Business Email Compromise abused

Attackers use spoofed or compromised email accounts to trick the victims. No links, no malware. Modern BEC often involves long-term mailbox access, where attackers watch conversations, learn tone, then strike with perfect context.

Why Business Email Compromise matters

BEC matters because it turns everyday business behavior into an attack surface. Losses happen inside approved processes, so alerts don’t fire and recovery is rare. This makes BEC uniquely dangerous: it bypasses technical defenses and fails quietly until money is gone.

Real-world example

Caesars Entertainment

The incident started with social engineering of IT support to reset credentials. With identity access, attackers exfiltrated sensitive customer and loyalty data, then pivoted to financial extortion, threatening public release. Caesars reportedly paid $15 million to avoid data disclosure, faced regulatory scrutiny, reputational damage, and follow-on lawsuits.

Source

Get the full attack repository

Get our entire attack repository in a single, offline-ready PDF guide, featuring 25+ real-world attacks.

Please enter a valid email.Please enter a email.
By clicking 'Download EBOOK', you agree to processing of personal data according to the Privacy Policy.

Related topics

Impact
Phishing
Read more
Impact
Whale Phishing
Read more
Impact
Insider Threat
Read more

Additional Resources

Research
Achieve 442% ROI and reduce patching time by 95% — Forrester TEI Report

See how organizations gained 442% ROI and major efficiency improvements with Endpoint Central.

Read more
Security validation
Experience enterprise-grade protection proven in real-world tests — AV-Comparatives Report

Discover how Endpoint Central’s antivirus earned recognition through rigorous, real-world security validation in just eight months.

Read more
Guide
Simplify endpoint security and build cyber resilience — Endpoint Security For Dummies

Get a clear, practical guide to understanding threats and strengthening your organization’s security.

Read more

Trusted by

Unified Endpoint Management and Security Solution
Patch ManagementSoftware DeploymentEndpoint SecurityOS DeploymentAsset ManagementMobile Device MgmtTools & Configurations