BEC

Business Email Compromise (BEC) is a scam where an attacker poses as a trusted executive, supplier, or partner — sometimes from a genuinely hijacked mailbox — to redirect a payment or payroll. The FBI consistently ranks it among the costliest categories of cybercrime by dollar loss because it relies on plausible requests and human trust rather than malware. Strong email authentication plus a call-back verification policy for payment changes are the core defences.