Business email compromise cyber-attacks are very low tech which means they are common and you need to be aware of them. The attacker will be using social engineering more than hacking itself.

The way it works is the cyber-criminal will spoof or even gain access to a corporate email account and make a fake email address that is exactly the same as somebody high up in the company. This is so they will be able to defraud the company, employees, customers, or executives of money.

There are many ways in which BEC can target and defraud you:

  • The attacker can pretend to be a CEO or a partner and request an employee to make an emergency payment into a fraudster’s account.
  • Sometimes they will purport to be a supplier requesting a change in payee information, which would actually transfer money into a perpetrator’s account.
  • A lawyer’s email address is sometimes used to pressurise for a payment.

These scams have resulted in worldwide losses of at least $26bn since 2016 according to the FBI in the United States. There are many measures and procedures that can be put in place to prevent Business email compromise. These include, taking care before clicking on any email links or attachments, employee education and training and changing processes to require phone verification of payment changes and having secondary sign offs.

Ryan Kalember, executive vice-president of cyber-security strategy at Proofpoint, said: “Business Email Compromise (BEC) is the most expensive problem in all of cyber-security. There is not a single other form of cyber-crime that has the same degree of scope in terms of money lost.”

How can we help?

At Hawsons we have a dedicated team who provide IT services and cyber security advice in Sheffield, Doncaster, and Northampton. If your organisation handles personal and confidential data and you need help with cyber security compliance then Hawsons can help you. We help organisations with data protection and cyber compliance, protecting their data.

If you would like to book your free first initial meeting with us click here.

If you would like to find out more information about our IT and Cyber security services click here.

Free initial meeting

Charles Kavazy is director of IT services at Hawsons

Charles Kavazy

Director of IT Services

0114 266 7141

[email protected]

Our offices

Pegasus House, 463a Glossop Road, Sheffield, S10 2QD

5 Sidings Court, White Rose Way, Doncaster, DN4 5NU

Jubilee House, 32 Duncan Close, Moulton Park, Northampton, NN3 6WL


0114 266 7141


01302 367 262


01604 645 600


Get in touch

All content © 2019 Hawsons