Business Email Compromise (BEC) Fraud and How to Prevent it

Abstract

Cybercrime is on the rise both at the national and cross-border levels. The latest mode of cybercrime is fraud using Business Email Compromise (BEC). A qualitive analysis method with literature study is applied to discuss two key questions of this paper. First, how does the BEC scheme occur?. Second, how an organization/company can prevent/mitigate the risk of BEC fraud. This paper concludes that BEC can be executed in the form of phishing emails sent by perpetrators (both internal and external actors of the organization) to the target victim (organization’s employees) in order to deceive and obtain financial gain. Various efforts can be made by an organization/company to prevent the risk of BEC fraud, among others in the form of implementing a risk management system, implementing an information security management system, and increasing the organization’s internal awareness.