Practical strategies for mitigating the risks of Business Email Compromise

Despite many other communication platforms becoming central to how we communicate at work, email has remained a key target for cyber criminals. Why? Many businesses still rely on email to issue invoices, share sensitive documents and liaise with clients or stakeholders, so it is where the money and the sensitive information flow.

The latest Notifiable Data Breaches report noted that 24% of malicious and criminal attacks reported to the OAIC were caused by social engineering. Because email remains the main platform for conducting these attacks, it's essential that your team understands the risks and has the skills to recognise them.

Business Email Compromise is one type of cyber attack that uses social engineering to harm your business. So, does your team have the knowledge to protect your business from these attacks?

What is Business Email Compromise?

Business Email Compromise is a targeted social engineering attack carried out by a threat actor that has gained access to a legitimate business email account. Cyber criminals might gain the credentials through phishing, password reuse or brute force attacks, and then use the account to target the people who regularly deal with it, such as colleagues, customers and suppliers.

The idea is to trick these people into sending money to the cyber criminal’s account or divulging sensitive information. For example, a threat actor might use a legitimate business email address to request someone send an invoice payment to a new bank account.

How can your team spot Business Email Compromise?

There are a few key warning signs that a threat actor has compromised a colleague’s email account:

Unusual requests: If an email asks you to do something unusual, like transferring money to a new account, it could be Business Email Compromise. Be particularly cautious if the email asks you to keep these requests a secret.

Changes in payment instructions: A sudden request to send money to a new bank account, especially if the new account is a personal one rather than a business account, should cause concern.

Inconsistent branding: If the logo, email style, or even the tone of writing doesn't match previous communications from that person, then you could be dealing with an impersonator. Bear in mind that when the attacker is sending from the genuine, compromised account, the address and branding will look right, so judge the request itself rather than relying on the sender looking familiar.
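The warning signs above can be turned into a simple triage check. The following is an added example, not code from the original article or from Layer 8: it scores a message against the indicators discussed (an unusual or urgent request, a request for secrecy, changed payment instructions, and a sender whose address does not match the known contact) and adds one header check the article does not mention, a Reply-To that points somewhere other than the sender's domain. The contact list, domain names and sample messages are constructed for illustration.

```python
"""Triage emails for Business Email Compromise warning signs.

Added example (not from the original article). Sample messages, contacts
and domains below are constructed for illustration.
"""
import re
from email import message_from_string
from email.utils import parseaddr

# Hypothetical list of known contacts: display name -> the address you expect.
KNOWN_CONTACTS = {
    "jane smith": "jane.smith@example-corp.com",
    "acme supplies": "accounts@acme-supplies.example",
}

# Phrases that match the warning signs discussed in the article.
URGENT_REQUEST = re.compile(
    r"\b(urgent(ly)?|asap|right away|before (the )?end of (the )?day)\b", re.I)
SECRECY = re.compile(
    r"\b(keep (this|it) (between us|confidential|quiet|secret)"
    r"|don'?t (tell|mention|discuss))\b", re.I)
PAYMENT_CHANGE = re.compile(
    r"\b(new (bank )?account"
    r"|(updated?|changed?|different) (our |the )?(bank|banking|payment|account) (details|information))\b",
    re.I)


def domain_of(addr):
    """Return the lower-cased domain part of an email address ('' if none)."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def bec_indicators(raw_message):
    """Return a sorted list of warning-sign names found in one raw email."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    text = (msg.get("Subject", "") + "\n" + msg.get_payload())

    found = []
    # Impersonator: the display name is a known contact but the address differs.
    expected = KNOWN_CONTACTS.get(name.lower())
    if expected and expected != addr.lower():
        found.append("impersonated_contact")
    # Reply-To steering replies to a different domain (not in the article's list).
    if reply_to and domain_of(reply_to) != domain_of(addr):
        found.append("reply_to_mismatch")
    if URGENT_REQUEST.search(text):
        found.append("urgent_request")
    if SECRECY.search(text):
        found.append("secrecy_request")
    if PAYMENT_CHANGE.search(text):
        found.append("payment_change")
    return sorted(found)


def needs_verification(raw_message):
    """True when the message should be verified out of band before acting."""
    found = bec_indicators(raw_message)
    strong = {"payment_change", "impersonated_contact", "reply_to_mismatch"}
    return bool(strong.intersection(found)) or len(found) >= 2


# Constructed samples. The first comes from the genuine supplier address, which
# is exactly what a compromised account looks like: only the content gives it away.
MSG_PAYMENT_CHANGE = """From: Acme Supplies <accounts@acme-supplies.example>
To: ap@example-corp.com
Subject: Invoice 4471 - updated bank details

Hi, please note we have changed our bank details. Pay invoice 4471 to the
new account below. Keep this between us until the switch is finalised.
"""

MSG_IMPERSONATION = """From: Jane Smith <jane.smith@example-corp.co>
Reply-To: jane.smith.ceo@gmail.example
To: finance@example-corp.com
Subject: Quick favour

Are you at your desk? I need a transfer done urgently. I'm in a meeting,
so don't mention this to anyone yet.
"""

MSG_BENIGN = """From: Jane Smith <jane.smith@example-corp.com>
To: finance@example-corp.com
Subject: Q3 report

Hi, attached is the Q3 report for review. No rush, any time next week is fine.
"""

if __name__ == "__main__":
    for label, raw in [("payment change", MSG_PAYMENT_CHANGE),
                       ("impersonation", MSG_IMPERSONATION),
                       ("benign", MSG_BENIGN)]:
        print(f"{label}: {bec_indicators(raw)} verify={needs_verification(raw)}")
```

The keyword lists are deliberately small and will miss plenty; the point is that a payment-details change or a request for secrecy should trigger out-of-band verification on its own, regardless of whether the sender's address and branding look right.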

What are some key tactics for preventing these attacks?

Raising awareness among your team is the best way to prevent these attacks from seriously impacting your business. A few actions that staff can take include:

Verify requests and the sender: Reach out to the person via instant messaging or call them to verify their request, using contact details you already hold rather than a phone number or address given in the email itself. If you cannot contact them via an alternative channel, raise it with the appropriate people and get their assistance verifying the request.

Use strong passwords and multi-factor authentication (MFA): Use a unique, strong password for each account, so that a password stolen from one service cannot be reused to log in to your email. Also, enable MFA on all your accounts, and on email accounts in particular, for an additional layer of security.

Report suspicious activity: If you receive a suspicious request, do not act on it or reply to it; report it to the appropriate people in the business, such as your IT or security team.

Business Email Compromise can severely impact your business, so your team must know how to recognise these attacks and take the necessary precautions to prevent them. The more your team knows about these threats, the better equipped they will be to recognise and handle them effectively. 

Layer 8’s Cyber Escape Rooms give your team the knowledge to recognise cyber attacks

Boosting your team’s knowledge about cyber threats, particularly Business Email Compromise, is crucial to protecting your business. 

Our Cyber Escape Rooms are an engaging way to train your team and ensure they retain the knowledge and skills needed to protect your business. We can tailor the experience to suit remote and on-site teams, with different escape room missions available. Visit our Cyber Escape Rooms page to get started.

Related blogs

8 essential components of a solid cyber security education plan

What are the signs your team needs a cyber security refresher?

Why undergo a cyber security and behaviour audit?