Have you ever seen an email like this come across your inbox?

This appears as a simple request from a higher-up. It’s not. It’s someone impersonating an executive, hoping to get someone junior to respond.

Business Email Compromise (BEC) attacks are popular because they are simple to execute. By spoofing a trusted user it requires no malware or malicious URL to convince a recipient to share valuable information or send significant amounts of money.

According to our research, BECs like this one make up 20.7% of all phishing attacks. 

One reason? They work. The average BEC payment nearly doubled between the first and second quarters of 2020. It's now at $80,183, on average. Gartner found that BECs increased by nearly 100% in 2019 and through 2023, predicts that BEC attacks will continue to double each year, at a cost of over $5 billion to its victims.

Companies like Mimecast and Proofpoint are designed only to monitor inbound email—therefore they have no way of scanning an internal email or understanding the context or conversational relationships within an organization. When an external gateway sees an email from the 'CEO' to the 'CFO', it will be the very first time it has seen such a conversation. While an internal solution will have seen thousands of similar real, internal conversations to compare it to, an external gateway can only guess at the context. 

Avanan has all the protections needed to stop BEC attacks. That includes machine learning algorithms that combine with a role-based, contextual analysis of previous conversations to identify what other solutions had been missing.

It includes deployment-day analysis of one year’s worth of email conversations to build a trusted reputation network.

It includes the scanning and quarantining of internal email and files in real-time, protecting against east-west attacks and insider threats.

And it has account takeover protection beyond email, including monitoring of login events, which is important for this global company. 

Over 20% of the attacks that your users are seeing are of the BEC variety. Wouldn't it be nice if that number was zero?

Subscribe to Our Attack Briefs for More Research