Business Email Compromise (BEC): Meaning and Definition

Business Email Compromise (BEC) is a targeted social-engineering attack in which criminals impersonate executives, vendors, or trusted partners over email to trick employees into wiring funds, sharing data, or processing fraudulent invoices. BEC frequently relies on look-alike domains and typosquatting to make attacker emails appear legitimate. Defenses combine email-authentication standards (SPF, DKIM, DMARC), continuous monitoring of newly registered domains that mimic the company, and employee training so suspicious payment requests are challenged before money leaves the organisation.