9:00 AM on a Tuesday: The BEC Sweet Spot

Gift Cards are King

When BEC attacks first emerged in large numbers approximately five years ago, the primary object was to persuade the target to wire money to a criminal’s bank account under the assumption that they were paying a legitimate vendor invoice. And while this tactic is still in the picture, Accounts Payable and Finance departments have grown aware of it — making it harder to pull off and decreasing revenues.

Attacks Occur Early

Speaking of a daily basis, recent research shows that BEC scams are sent seven days a week. That said, the vast majority (97%) send attacks on weekdays, perhaps not surprisingly given their targets. What may be surprising to some is just how closely cybercriminals adhere to what are seen as best practices by legitimate email marketers. Despite sometimes conflicting research and variances between industries, a general rule of thumb is that the best day to send an email is Tuesday. During the last quarter, roughly one in every four of all BEC emails arrived on a Tuesday, with the rest tapering off Wednesday through Friday.

BEC Remains Big Business

As average losses from successful BEC attacks continue to grow, the way organizations respond to this growing threat is of critical importance. Unfortunately, secure email gateways and other legacy email security systems cannot detect these threats as they contain no malicious links or attachments. In contrast, the Agari Identity Graph leverages data science and real-time intelligence from trillions of emails to establish normative, trusted behaviors and signals between email sender and recipient — including devices, message volumes, locations, and more — to spot and neutralize advanced email threats.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Agari is the Trusted Email Identity Company™, protecting companies and people from phishing and socially-engineered email attacks.