Please fill in the form below to subscribe to our blog

10 Must-See Business Email Compromise Statistics

April 08, 2021

These 10 Business Email Compromise Statistics Show Just How Dangerous This Threat Can Be


Business email compromise (BEC) is a type of phishing-related fraud that can have far-reaching consequences. Not only can your business be harmed by a successful attack, other companies that your business connects with can also also be damaged. Plus, this threat can be very hard to sniff out with a byzantine structure that also makes it hard to mitigate. These 10 business email compromise statistics demonstrate the rising tide of business email compromise risk. Business email compromise attacks are a nightmare for IT security teams, but there are ways to reduce the chance of your business being next on the list.


ransomware defense can be complicated by cryptocurrency risk

See how ransomware really works, who gets paid & what’s next in our tell-all Ransomware Exposed! DOWNLOAD IT>>


10 Business Email Compromise Statistics That Illustrate the Growth of This Threat


  • Business email compromise rose by 14% overall in 2020 and up to 80% in some sectors
  • 65% of organizations faced BEC attacks in 2020
  •  In 2020, BEC costs increased rapidly, from $54,000 in Q1 2020 to $80,183 in Q2
  • The energy and infrastructure sector topped the 2020 list with 93% of attacks
  • 60% of the information on the dark web could potentially damage businesses
  • In 2020, 80% of firms experienced an increase in cyberattacks 
  • 62% of BEC scams involve the cybercriminal asking for gift or money cards.
  • The most common type of BEC scam is invoice or payment fraud
  • Payment/invoice/billing scams skyrocketed by 155%, in 2020
  • The average amount requested in wire transfer-based BEC attacks nearly doubled in 2020 from $48,000 in the third quarter to $75,000 in the fourth quarter.

malicious insider threats can include cryptocurrency risk represented by a crime comic style blue eye looking through a peephole.

Use our Cybersecurity Risk Protection Checklist to find vulnerabilities before the bad guys do! GET IT>>


Stop Business Email Compromise Before It Starts When You Stop Phishing


The most effective way to prevent business email compromise from coming to call at your business is to mount a strong, multifaceted defense against tit’s primary delivery system: phishing email. A power pair of solutions can help you mitigate the threat while a third solution works overtime to close the door on business email compromise.

Phishing resistance training with BullPhish ID

An absolute must-have for any organization in today’s tumultuous world is a strong cybersecurity culture. But too many employees are still clicking on dangerous messages. Strengthen your security culture and also reduce your risk of suffering an email-based cyberattack by up to 70% when you add effective, cost-effective phishing resistance and security awareness training with BullPhish ID.

  • Automate your training with simple management tools and plug-and-play training kits with 4 new kits added monthly
  • Eliminate training confusion, pre-schedule automated campaigns to keep frequency high and make it painless for everyone with user-friendly training portals
  • Simulate real industry-specific threats toby taking advantage of customization options including email, attachments, video URLs and more fast

See how automated, affordable phishing defense with Graphus can save your business a fortune! GET THE EBOOK>>


Stop Bad Actors from Opening the Door to Your Business


One of the easiest ways for BEC scammers to slip inside a business is by filching a password – especially a privileged credentials. Stop that from kicking your business in the teeth by adding secure identity and access management with Passly. Why pay more for 3 or 4 solutions to do what Passly does in one affordable package.

  • Get multifactor authentication, the single mitigation that stops over 90% of cybercrime.
  • Single sign-on makes it easy to stop a BEC attack or quarantine an affected user account.
  • Stop password reuse from crushing your security with an easy to use easy to run access point gateway

While you’re looking at improving your protection from email-based cybersecurity threats like BEC, don’t underestimate the power of automated anti phishing security. Add big protection at a small price with AI-powered Graphus.

The ID Agent digital risk protection platform has the strong solutions that every business needs to protect their systems and data from today’s biggest threats. Contact our solutions experts today to learn how your business can benefit and receive a free, personalized demonstration.