Breaking Down BEC: The Modern CISO’s Framework for Identifying, Classifying and Stopping Email Fraud
Business email compromise (BEC), also known as email fraud, is one of cybersecurity’s costliest and least understood threats. This fast-growing
category of email fraud doesn’t always garner as much attention as other high-profile cyber crimes. But in terms of direct financial costs, BEC easily overshadows other types.
In 2020 alone, BEC schemes cost organizations and individuals more than $1.8 billion. That’s up more than $100 million from 2019, and it represents 44% of total cybercrime losses.
As BEC schemes have evolved, industry nomenclature has outlived its usefulness.
The terms used to explain BEC tactics and techniques have become ambiguous,
conflated with other concepts, and misused. Without a framework to describe BEC
attacks—let alone conceptualize them—researching and managing the threat is
difficult, if not impossible.
That’s what the Proofpoint email fraud taxonomy is for. This framework is designed to help security professionals better identify, classify and ultimately block this costly threat. Download the whitepaper to discover more about invoicing fraud, payroll redirects, extortion and more.