According to the 2023 Verizon Data Breach Investigations Report, more than 50% of social engineering attacks, such as pretexting, phishing, and credential thefts, are related to BEC.
Gartner in its report identifies the key challenges businesses face with BEC attacks and makes recommendations on how to respond with both email security and user awareness training.
- Maximize protection against BEC by seeking out and implementing AI-based secure email gateway solutions that offer advanced BEC phishing protection, behavioral analysis, imposter detection and internal email protection.
- Supplement your existing email security solutions with additional controls to further reduce the risk of BEC attacks like ATO and domain abuse.
- Update processes around user and email authentication for financial/data transactions and migrate high-risk ad hoc transactions to authenticated systems to bridge gaps in business process errors.
- Educate users and suppliers/partners on the different types of BEC phishing, and preventive measures for protection, by conducting user awareness training at regular intervals.
Gartner, How to Protect Organizations Against Business Email Compromise Phishing, Satarupa Patnaik, Franz Hinner, 21 August 2023
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.