Subscribe

How Business Email Compromise Attacks Threaten Organizations

June 23, 2021

Email is one of the most important tools used by cybercriminals to launch attacks against organizations.

A particular tactic often used by criminals is the Business Email Compromise (BEC), where the fraudster forges a trusted contact to defraud a business.

The “The 2021 Business Email Compromise Report” by security provider GreatHorn focuses on the latest BEC campaigns. Based on an online survey of 270 IT and cybersecurity experts in the U.S. from May 2021, the report highlighted various trends, challenges and gaps in the fight against BEC attacks and related email threats.

71% of respondents pointed to BEC attacks that manipulate e-mail accounts or websites.

69% cited spear-phishing, which targets specific individuals or roles in an organization, with the most targeted department funded, followed by the CEO and then the IT group.

Other susceptible departments include HR, marketing and sales.

Another 24% cited malware, in particular, emails containing malicious files or other content.

The survey also revealed an increase in spear-phishing attacks.

65% of respondents said their organization will be affected by these types of attacks in 2021, while 39% of respondents said they now experience spear phishing attempts weeklyly.

Malicious emails remain a threat: one in four respondents said that 76% to 100% of the malware they receive is sent by email.

57% of these malicious links are used to steal internal account data, often from C-suite executives and financial employees. Such links also aim to install malware as a setup for ransomware and payment fraud.

43% of respondents said they had been affected by a security incident in the last 12 months, with many citing BEC and phishing attacks as the source.

As a result, 36% reported that accounts were compromised, 24% that malware was installed, 16% that company data was lost, and 16% reported payment fraud.

Here are some ways to avoid BEC attacks:

  • Focus on defense in depth and not one-stop “anti-phishing” solutions.
  • Identify malicious links in emails.

For more information, read the original story in TechRepublic.

Top Stories

Anthropic’s Claude Mythos model escapes test sandbox during testing

Toronto neighbourhood debates AI surveillance plan for “virtual gated community”

Kyndryl launches agentic AI framework to help enterprises bridge operations gap

Iran threatens AI data centres amid escalating infrastructure conflict

Oracle begins mass layoffs to fund $156 billion AI infrastructure push

OpenAI brings in Smartly to shape how ads work inside ChatGPT

Related Articles

Anthropic coding tool exposes full source code again after packaging error

April 1, 2026 Anthropic has inadvertently exposed the full source code of its Claude Code tool for the second time more...

Cisco breach exposes 300+ repos after supply chain attack

April 1, 2026 Cisco suffered a cyberattack after attackers used stolen credentials from a compromised developer tool to access its more...

New Google update targets sensitive data exposure in search results

March 30, 2026 Google has expanded its “Results about you” tool, allowing users to remove highly sensitive personal data, including more...

GitHub Copilot to train on user data by default 

March 27, 2026 Microsoft is updating GitHub Copilot to train on real-world developer interactions, expanding beyond public code datasets to more...

Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.
Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.