20 Business Email Compromise Statistics 2025

Business Email Compromise, or BEC, is a cybercrime where attackers impersonate someone trusted, like a company executive or vendor, to trick employees into sending money or confidential information. It usually happens over email and can be hard to detect.

Phishing often involves mass emails with generic messages. BEC is much more targeted. Attackers research their victims, monitor conversations, and sometimes gain access to real email accounts to make their messages appear legitimate.

Employees responsible for payments or sensitive communications are common targets. This includes finance teams, executives, and anyone who works with external vendors. Smaller businesses can be especially vulnerable if they don’t have strong security practices in place.

Red flags include urgent payment requests, last-minute changes to banking details, unusual timing (such as emails sent after hours), or email addresses that are slightly altered. The tone of the message may also feel out of place, even if the sender appears familiar.

Always verify changes to payment information through a separate communication method, like a phone call. Train employees to recognize suspicious behavior, and implement email security tools such as SPF, DKIM, and DMARC. Introducing multi-step approval for financial transactions also adds protection.

Respond immediately. Contact your bank to attempt to stop or reverse the payment. Report the incident to the appropriate cybercrime authority. In the United States, that would be the FBI’s Internet Crime Complaint Center (IC3). Acting quickly increases the chance of recovering funds.

Because they rely on trust. The emails often use real names, reference actual business processes, and appear to come from legitimate sources. This makes them difficult to detect, especially when they don’t contain typical scam indicators.