20% of Advanced Email Scams Now Launched from Hijacked Accounts

Making BEC a Breeze

Despite growing awareness, BEC scams surged 60% in 2018, according to the FBI. And the results haven’t been pretty.

Outlook 2019: More Outrage Ahead

The impact of this form of attack cannot be overstated. After all, a successful account takeover doesn’t just give fraudsters the ability to impersonate the account’s legitimate owner. It also gives them access to the individual’s contacts, ongoing email conversations, and historical email archives — making it possible to craft new scams made all the more appalling by their uncanny personalization and devastating effectiveness.

Email’s Identity Crisis

While the rise in ATO-based BEC attacks is alarming, they’re just one of the ways cybercriminals impersonate trusted businesses and individuals. Data captured in the Q1 report shows display name deception continues to be the tactic of choice for cybercriminals, accounting for 63% of all impersonation-based email attacks.

Fighting Back, or Rolling Over?

Indeed, with average losses from a successful BEC scam trending as high as $1.6 million, and an average of $7.9 million in additional costs if it leads to a data breach, how organizations react to the new wave of account takeover-based BEC attacks is of paramount importance.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Agari is the Trusted Email Identity Company™, protecting companies and people from phishing and socially-engineered email attacks.