How do I spot a BEC email?

Look for: urgency or pressure to act quickly, requests to bypass normal procedures, changes to payment details, unfamiliar sender addresses (check the actual email address, not just the display name), unusual requests from executives, and poor grammar or formatting. When in doubt, verify through a separate communication channel such as a phone call.

What is DMARC and how does it help?

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol that prevents attackers from spoofing your domain. When properly configured, emails that fail authentication checks are quarantined or rejected. DMARC, combined with SPF and DKIM, significantly reduces the risk of domain impersonation in BEC attacks.

What should I do if I fall victim to a BEC scam?

Act immediately: contact your bank to attempt to recall the transfer, report to the Australian Cyber Security Centre (ACSC) and the police, preserve all email evidence, check for compromised accounts, notify affected parties, and review your processes to prevent recurrence. Speed is critical - the sooner you act, the higher the chance of recovering funds.

Book Free Assessment Calculator

Business Email Compromise (BEC)

Business Email Compromise

Also known as:BECCEO fraudemail impersonation scam

A sophisticated email scam targeting businesses that make wire transfers or handle sensitive data, where attackers impersonate executives or trusted partners to trick employees into transferring funds or revealing confidential information.

In-Depth Explanation

Business Email Compromise (BEC) is a type of cybercrime where attackers use email to deceive employees into transferring money, sharing sensitive information, or taking other harmful actions. BEC attacks are particularly dangerous because they rely on social engineering rather than malware, making them harder to detect with traditional security tools.

Common BEC scenarios:

CEO fraud: Attacker impersonates the CEO, urgently requesting a wire transfer
Invoice fraud: Fake invoice from a "supplier" with changed bank details
Account compromise: Attacker takes over a real employee's email account
Lawyer impersonation: Pretending to be a lawyer handling a confidential matter
Data theft: Requesting employee tax records or personal information

BEC attack techniques:

Domain spoofing: Using a domain that looks similar (e.g., clevver-ops.com.au)
Display name spoofing: Changing the sender display name to match a trusted person
Email thread hijacking: Inserting into legitimate email conversations
Compromised accounts: Using a real, hacked email account

Prevention strategies:

Implement email authentication (SPF, DKIM, DMARC)
Verify payment requests through a separate communication channel
Establish approval processes for financial transactions
Train staff to recognise BEC red flags
Use advanced email security with AI-based detection
Verify any changes to payment details directly with the supplier
Implement dual-authorisation for large transactions

Business Context

BEC scams cost Australian businesses millions annually. The ACCC reported over $98 million lost to business email compromise in recent years, making it one of the most financially damaging forms of cybercrime in Australia.

How Clever Ops Uses This

Clever Ops protects Australian businesses from BEC attacks by implementing email authentication protocols (SPF, DKIM, DMARC), configuring advanced email filtering, and establishing verification procedures for financial transactions. We also conduct BEC-specific awareness training to help staff recognise these sophisticated scams.

Example Use Case

"An Australian construction company nearly transfers $180,000 to a fraudulent account after receiving an email appearing to be from their CEO. Their verification procedure (calling the CEO directly) catches the scam, and they subsequently implement DMARC and staff training."