Helping to share the web since 1996


Business Email Compromise (BEC) Overtakes Ransomware as Top Cybersecurity Threat

New research by cybersecurity experts Secureworks has found that Business Email Compromise (BEC) attacks have become the primary method for hackers looking for profit, overtaking ransomware. The report analyzed over 500 real-world security incidents that took place between January and December 2022 and found that the number of BEC incidents had doubled, becoming the most common type of attack. The explosive growth in BEC attacks is believed to be due to successful phishing campaigns, which account for 33% of incidents where an initial access vector (IAV) could be established. The report also suggests that BEC attacks require little to no technical skill and can be extremely lucrative for attackers, as they can simultaneously phish multiple organizations without needing to operate complicated affiliate models.

Meanwhile, ransomware incidents dropped by 57% last year, but it remains a core threat. The decrease could be due to the changing tactics of threat actors or the improved effectiveness of law enforcement agencies in hunting them down and shutting down their infrastructure. The report suggests that to stay safe from BEC attacks, organizations should educate their employees to spot phishing emails, set up a strong email security system, and use multi-factor authentication wherever possible. Additionally, employees and executives should keep email access to themselves and not share login credentials with coworkers, friends, or family. The FBI warned in May 2022 that BEC had grown into a $43 billion industry.

«

»

Back to news headlines