How to Shield Your Company From BEC Attacks

Post on 04-Jul-2020

Business Email Compromise/Email Account Compromise (BEC/EAC) scams can destroy businesses.

2,370% increase in financial losses from BEC/EAC [1]

$5.3 Billion USD in actual and attempted losses from BEC/EAC [2]

131 countries impacted by BEC/EAC scams [3]

Shield your company against BEC/EAC scams by taking these steps:

1. Protect

a. Company domain: Establish a DMARC record.
b. Email accounts: Enable two-factor authentication.
c. Awareness: Know that attackers often send BEC/EAC scam emails when the executives they are trying to impersonate are traveling on business.

2. Authorize

a. Minimize the number of people who process and approve wire transfers.
b. Make a list of these authorized personnel available to employees.

3. Authenticate

a. Require dual authentication and approval of all wire requests.
b. Verify new or different payments (with at least two people).
c. Create a maximum amount that can be withdrawn for wire transfers.

4. Simulate

a. Adopt a comprehensive antiphishing program that includes a phishing simulations program and a reporting tool to empower all your employees.
b. Identify specific, real-world phishing scenarios and add them into your phishing simulation rotation.

Sources

1. FBI, "Business Email Compromise Email Account Compromise: The 5 Billion Dollar Scam," May 4, 2017
2. Ibid.
3. Ibid.