Dots Screenshot Compressed Dark

Business Email Compromise

Protect your people from socially engineered phishing attacks, with Egress Defend.
Request a demo Egress Defend

Business email compromise is the most common phishing threat

37%

of cybercrime losses reported to FBI caused by BEC

98%

of cyberattacks involve social engineering

$43bn

has been lost due to BEC attacks

Exploiting your trusted relationships

Business email compromise (BEC) is one of the hardest attack techniques to detect. Threat actors impersonate or hijack a legitimate business email account that belongs to a trusted vendor, CEO, or another executive, using social engineering to trick their target into fraudulently transferring funds or divulging sensitive information.

The signature-based detection in Microsoft 365 native security and secure email gateways (SEGs) cannot detect BEC attacks at the rate modern enterprises need to prevent financial losses, data exfiltration, and reputational damage.

Stats V2 BEC
Solutions BEC 1

Egress Defend uses intelligent technology to detect BEC attacks

  • 1 Display name impersonation detection. This is difficult for users to spot, especially on mobile devices, and as the domain is real, it passes SPF checks.
  • 2 Homograph attack. The domain c0mpany.com is used to fool the user into thinking this is a genuine email. However, the display name matches that used by an internal user. An internal user with an external domain is treated with suspicion by Egress Defend.
Solutions BEC 2

Natural language processing (NLP) enhances detection of BEC attacks

  • 3 Linguistic analysis. Egress Defend detects that the language used in this email includes credibility statements that incite a sense of urgency and try to deter the user from confirming legitimacy through other means.
  • 4 CEO impersonation. Using NLP, Defend detects that the attacker is posing as the CEO to appear as a trusted and important sender to try to increase the likelihood that the user will engage.
Solutions BEC 3

Cut through the noise to highlight the risks that matter

Reporting on threats such as BEC attacks in your email flows can be manual and slow. Even worse, systems can throw too much unnecessary information at you, making it harder to make timely and effective decisions.

Egress Defend’s intelligence platform provides simplified dashboards and critical insights so that administrators can quickly cut through the noise, identify email security risks, and, where necessary, remediate them.

Solutions BEC 4

Actionable intelligence

Data and analytics should not overwhelm you with information. Augmented threat intelligence into attack types, payload, and supply chain health gives Security teams what they need to take decisive action that mitigate threats.

Our real-time threat feed offers insights and statistics into email details, type of attack, threat levels, authentication checks, communication history, and how your people interacted with the email.

Are you curious about how Egress Defend can safeguard your organization against BEC attacks?

 

Request a personalized demo View Egress Defend

What our customers say

Hear from companies and organizations who use Egress Defend to prevent Business Email Compromise.

Egress Defend scans links and tags emails, making information available to the end-user. This information helps raise awareness among our staff and also helps them learn what to look out for. If a user sees an anti-phishing banner in an email, they can click on it, and it explains to them why the email was flagged.

Combilft Logo Square 200X200 26Kb
Fearghal McCorriston IT Manager, Combilift
Read the customer story

Trusted by global organizations

  • Bupa Logo
  • Trusaic Logo Clear
  • Bae Systems Logo
  • Bernicia Logo
  • Nspcc Logo (1)
  • Spire Healthcare Logo
  • Qinetic Logo
  • Dis Chem Logo
  • The National Archives (1)

Read more about preventing Business Email Compromise

Gartner Market Guide for Email Security

Egress is recognized as a Representative Vendor in the February 2023 Gartner Market Guide for Email Security report.

According to Gartner, "the migration to cloud email platforms continues along with a significant increase in the number of phishing attacks. Security and risk management leaders should evaluate the native capabilities offered by cloud email systems and ensure that they are adequate to prevent sophisticated attacks."

You can use a Market Guide to understand how the status of an emerging market aligns with your future plans. In addition, since Gartner has published over 100 Market Guide research notes, IT and strategic leaders can gain a broad view of many markets, including mature and smaller markets, in an easy-to-read format.

Download report

Analysis of a real business email compromise (BEC) attack in New Zealand

Egress’ threat analysts detected a phishing campaign that followed a successful account takeover (ATO) attack.

Analysis of a real business email compromise (BEC) attack in New Zealand

How to Use a Hacker’s Toolkit Against Them

Read insights from our threat researchers about the tools and tactics attackers use in the first three stages of the cyber kill chain.

Read the report

How does a payloadless phishing email work?

Learn how payloadless phishing emails are designed to evade Microsoft 365 and secure email gateways

Read article
G2crowd Winter2023

Egress Intelligent Email Security

Protect against sophisticated inbound and outbound email threats without creating productivity roadblocks.

Inbound threat protection
Small Icon Defend SVG

Egress Defend

Protects against advanced phishing threats.
Learn more
Outbound threat protection
Small Icon Prevent SVG

Egress Prevent

Protects against accidental and malicious data loss.
Learn more
Small Icon Protect SVG

Egress Protect

Secure, certified end-to-end email encryption.
Learn more

Egress Security Center

Egress Intelligent Email Security products are managed from the Egress Security Center admin console.
Learn more
Esc Icon