Business Email Compromise (BEC) is often described in the media as merely an email scam, but in reality, it’s part of an organized broad operation. The email itself is only one part of the attack chain. In order to support a successful monetization of email fraud, attackers need to be patient and learn about the procurement process in the organization, and to build or rent an entire infrastructure and operation.
A single BEC often includes gaining access to their targeted business, gathering raw data, analyzing the mailbox context, building reliable communication channel, accessing t reliable payment infrastructure, orchestrating everything in the right timing, and finding a way to move money after it’s stolen.
Flare researchers sampled and analyzed underground posts related to BEC from the past year; Highlights of the findings include:
AI-powered BEC is getting popular, reducing the learning time and increasing the scam “quality”.
Actors are interested mainly in SaaS accounts (such as O365). Corporate leadership and financial employees are the most desired targets.






