How To Recover Funds Lost To Business Email Compromise (BEC)

Recover Funds Lost To Business Email Compromise: Business email compromise (BEC) is a type of cyber attack that the corporate email account of a company is hacked and the real company or personnel is impersonated to defraud the company, its partners, customers and/or employees into ending sensitive information or money to the attacker’s account.

A business email compromise is sometimes called a “man-in-the-email” attack. This is derived from the popular social engineering attack “man-in-the-middle” attack where the communication between two parties is intercepted and altered by an attack to gain insight or defraud one or b0th parties of their funds.

 A business email compromise is a large and growing problem that targets organizations of all sizes across every industry around the world. BEC scams have exposed organizations to billions of dollars in potential losses.

Email account compromise (EAC) or email account takeover is a similar threat that is popular in an era of cloud-based infrastructure. Most times, EAC is associated with BEC because hacked or compromised email accounts are used to execute scam schemes that look like BEC scams. BEC and EAC are difficult to detect and prevent, especially with legacy tools, point products and native cloud platform defences.

How Business Email Compromise Works

At the beginning of a BEC scam, the attack conduct extensive research on the targeted organisation. The attacker will go through publicly available information about the target company from social media profiles and posts, the company’s website and press releases. The cybercriminal may even look for the names and official titles of executive members of the company, corporate hierarchy, and even travel plans from email auto-replies.

The attacker will then use various social engineering attacks to gain access to an executive’s email account. To stay hidden, the attacker might use inbox rules or change the reply-to address so that when the scam is executed, the executive will not be alerted.

Another trick is to create an e-mail with a spoofed domain. For example, the attacker might use instead of, or instead of If you do not pay close attention, it is easy to get fooled by these slight differences. One of the most famous spoofed domain tricks ever was the “” – a scam site imitating the money transfer website

After lurking around corporate communications for some time, the attacker will now have a relatively good idea of scam scenarios that might work since they know who is responsible for different roles in the organization. For instance, if the company has a lot of suppliers, the attacker can send invoices to the accounting department for the rush payment of materials. The attacker would know who is responsible for wire transfers and be able to craft a convincing scenario that would require the immediate transfer of funds.

Recover Funds Lost To Business Email Compromise

 Recover funds lost to Business email compromise

The recovery process for the BEC scam is kind of technical because of the amount of expertise and technical knowledge used to carry out the attacker. Most BEC attackers are sophisticated cybercriminals so it can take some time before authorities both local and international police can get hold of this cybercriminal. And when they finally do the criminal might have spent part if not whole of the money they defrauded your company of. 

The best option is to hire a white-hat hacker to retrace the whole process of the scam scheme. The hacker or group of hackers can work as both financial investigators and cyber security experts retrace and recover the money lost. We recommend you go to Duolabs to hire a professional hacker to help resolve your BEC scam. Duolabs is a leading platform for hackers with various areas of expertise. Go to to learn more about them.

Best Practice For Protecting Against BEC

Business e-mail compromise attacks are successful for three main reasons:

  1. Insufficient security protocols
  2. Social engineering
  3. Lack of employee awareness

There should be Multi-factor authentication as an IT security policy for all staff members regardless of organisation position. This will help prevent unauthorised access to emails especially if the attacker attempt to log in from a different device or location.

In addition to stronger security protocols, employees should also be educated on various social engineering attacks so that can be able to identify one in case of an attack. Employees should be trained on identifying fraudulent e-mails and scammers’ tactics

Similar Posts

Leave a Reply

Your email address will not be published.