Protect against Business Email Compromise and Email Account Compromise

Effectively block threats with a layered solution against BEC and EAC

The FBI has stated that Business Email Compromise (BEC) and Email Account Compromise (EAC) have cost businesses $26B between June 2016 and July 2019. Given the complexity in tactics and channels for these attacks, you need to implement numerous controls for security to be effective.

Block BEC and EAC attacks with:

  • Gateway Controls
  • Authentication
  • Cloud applications
  • Web access
  • Visibility
  • Automated remediation
  • End user education

Identity deception could be impacting your business

Threat actors use identity deception to attack your business in two main ways: spoofing an identity (BEC) or stealing a valid identity (EAC). It is critical to address both elements to minimize the risk of losses associated with these threats.

Business Email Compromise

Business Email Compromise (BEC) attacks ask the victim to send money or personal information out of the organization. Attackers do this by spoofing a person in authority, such as a CEO or VP of Finance. In order to stop BEC attacks, organizations should consider implementing controls that:

  • Block attacks that use spoofed and lookalike domains
  • Analyze all email content and headers using machine learning
  • Enable creation of a global email authentication policy
  • Remove suspicious and unwanted email from end user inboxes
  • Show authentication status across supply chain and business partners
  • Offer end user education to help identify Business Email Compromise (BEC) attacks

Email Account Compromise

Email account compromise can occur if a threat actor successfully tricks a victim into providing their credentials or accesses an account through other means. If an account is compromised, it can be used to move laterally inside an organization, steal data, or fraudulently communicate with your business partners or customers. In order to protect against email account compromise, you need a solution that:

  • Highlights brute-force attacks and suspicious user behavior across cloud applications
  • Identifies Very Attacked People (VAPs)
  • Forces password resets on accounts that are compromised
  • Enables read-only access to unknown websites to prevent credential theft
  • Assesses end user vulnerability to credential theft attacks


Business Email Compromise

At Proofpoint, we offer a layered approach to protecting against Business Email Compromise (BEC) by addressing the many tactics that are used by threat actors. Tackling the problem in this way prevents threats that use display name spoofing, domain spoofing and lookalike domains. DMARC email authentication also prevents BEC threats from impacting your partners and customers, which avoids potential financial impact as well as brand damage. We provide education and visibility so you understand how your organization is being attacked and the potential vulnerability of an individual or group to fall for an attack. And we improve the ability of your people to identify these threats.


Email Account Compromise

Preventing email account compromise spans different threat vectors, given the propensity of credential reuse across different accounts that an end user might have; this can also span personal and corporate accounts. We give you visibility and control across cloud applications, email and personal webmail. This helps you prevent the loss of credentials and identify suspicious behavior accessing these accounts. It is critical to be able to identify attempted email account compromise and the symptoms of accounts that are already compromised. In this way, your organization can limit exposure to both infection and data loss.

How to Effectively Block BEC and EAC Attacks


Gateway Controls

  • Block attacks that use spoofed domains
  • Tag external email to inform recipients of the origin of the email
  • Analyze message headers to identify anomalies
  • Analyze all email content with machine learning
  • Identify and block display name spoofing
  • Enforce email authentication policy


Authentication

  • Create a global email authentication policy (DMARC) and enforce it on an internet-wide basis
  • Block all attempts to send unauthorized emails from your trusted domains
  • Report on look-alike domain registrations

Cloud Applications

  • Identify suspicious cloud account activity
  • Detect brute-force attacks
  • Build policies to prioritize alerts

Web Access

  • Isolate access to unknown websites
  • Provide read-only access until security analysis is complete
  • Control content entering your organization through personal webmail accounts


Visibility

  • Identify the VAPs in your organization
  • View the authentication status of your supply chain
  • Provide user-centric visibility into account attacks

Automated Remediation

  • Identify and remove suspicious emails that have entered the organization
  • Remove unwanted email from internal accounts that are compromised
  • Force password resets and disable accounts that are compromised
  • Use an account authentication solution to reauthenticate sessions
  • Investigate account compromise incidents


End User Education

  • Assess user vulnerability to BEC and EAC threats
  • Train users on how to identify threats and credential theft
  • Automate abuse mailbox process


Protection against business email compromise

Proofpoint email analysis accurately identifies and blocks business email compromise using machine learning techniques and email authentication.
