Word Notes 9.1.20
Ep 13 | 9.1.20

business email compromise or BEC (noun)


Rick Howard: The phrase is: business email compromise or BEC.

Rick Howard: Spelled: B as in baiting, E as in evil, and C as in CEO, also known as email account compromise or EAC.

Rick Howard: Definition: a social engineering scam where fraudsters spoof an email message from a trusted company officer and direct a staff member to transfer funds to an account controlled by the criminal.

Rick Howard: Example sentence: the new working conditions enforced by the global COVID-19 outbreak have triggered a spike in BEC scams.

Rick Howard: Context: the FBI reports that in 2019 they received over twenty-four thousand complaints about BEC fraud that resulted in almost two billion dollars in losses. One of the FBI's public cases is the BEC attack that targeted the Mattel Toy Company, the maker of the iconic toys, Barbie and Hot Wheels. As the interim CEO, Christopher Sinclair, was just coming on board in 2015, a fraudster spoofed an email from Sinclair to the company's CFO approving a three-million-dollar cash transfer to a new vendor in China, The Bank of Wenzhou. By the time Mattel officials realized that the CFO had been tricked, the money was already gone. Later, Mattel was able to track down a dozen more BEC scams that were launched at the company after this initial attack.