Executives Beware! Individual Impersonation Now Comprises Nearly a Quarter of All BEC Scams

Gift Cards Remain On Top

What do these fake executives want? Most are asking for gift cards, a trend we expect to continue as the holiday season approaches. Over the past quarter, BEC scammers requested 20 different types of gift cards. But cards belonging to five brands — Google Play, Steam Wallet, Amazon, Walmart, and eBay — continued to rank among the most dominant, figuring into nearly three in every four requests.

Money Talks, But Volume Talks More

Perhaps most interesting is the amount of money requested in these scams. During the past quarter, the average dollar amount for gift cards requested in BEC scams was just over $1,500, compared to more than $52,000 for attacks leveraging wire transfers. This disparity has made gift card-based BEC scams a numbers game propelled by volume and attack cadence.

BEC Continues to Grow

All this to say… business email compromise scams aren’t going away anytime soon. But they are becoming harder to spot. Our best advice for staying safe this holiday season?

  1. Triple-check the header information in your emails, especially those that include requests coming from executives or people in authority.
  2. If you can’t verify that the request is legitimate over email, reach out via another form of communication. This extra step only takes a few minutes, and it could save your organization thousands in dollars lost.
  3. Forward emails to your executives rather than replying directly. By forwarding the email, the correct email address has to be manually selected, ensuring that a tricky look-alike domain doesn’t enable cybercriminals to take advantage of you.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Agari is the Trusted Email Identity Company™, protecting companies and people from phishing and socially-engineered email attacks.