Responding to Business Email Compromise

Mike Driscoll shares proactive steps organizations can take to mitigate the risk of business email compromise (“BEC”).

Business Email Compromise (“BEC”) occurs when attackers impersonate a trusted member of your organization and create a communication that attempts to trick you or trick your employees into sending money, sharing confidential information, or otherwise changing access to your network or systems.

If an organization is impacted by a business email compromise (“BEC”), time is of the essence.

It’s crucial that you make contact with law enforcement quickly and that you work to preserve the information that will help ensure a positive outcome on the back end. That means contacting your financial institution, working with experts who know how to deal with the threat and prevent it from happening in the future, and securing your network.

Organizations can mitigate the risk of a BEC by taking some steps long before it happens:

  • Multi factor authentication, e-mail filtering, and anti-spam tools will help catch these communications before they hit your network.
  • Encourage your employees to report these events when they happen. That means contacting the appropriate members of your organization even when they think something is just suspicious.
  • Segregate the duties of your employees; no one person should have the ability to change your business process.

At FTI Consulting, we have significant experience assisting organizations in the prevention of, and response to, BEC attacks. Our experts have extensive technical and investigative experience and strong connections with law enforcement agencies, allowing for thorough investigations and assistance in the recovery of stolen assets.

Related Insights

Related Information

Published

March 18, 2025

temp Key Contacts

Mike Driscoll

Senior Managing Director

Sign up to get access to FTI Consulting Insights

Subscribe