Business Email Compromise (BEC)
A trusted email. A routine request. A redirected payment.
Business Email Compromise (BEC) is a targeted financial fraud where attackers infiltrate or impersonate legitimate business communications to manipulate real transactions.
The scam typically begins with access — either through a compromised email account or a near-identical spoofed domain. Once inside the communication flow, the attacker studies ongoing conversations, payment cycles, tone, and timing.
At the right moment, they insert themselves into the thread or initiate a new request that appears completely legitimate.
Common tactics include:
– Requesting updated banking details for an existing vendor
– Posing as an executive demanding urgent payment
– Redirecting invoices already in process
– Creating last-minute “changes” to payment instructions.
These messages are rarely obvious scams. They contain correct names, real context, proper formatting, and often match the exact writing style of the person being impersonated.
In more advanced cases, attackers set up email forwarding rules to silently monitor conversations and delete warning responses, keeping the victim unaware until the transaction is complete.
By the time the fraud is discovered, the funds have typically been transferred and are difficult — or impossible — to recover.
Authorization Renewal Scam
A charge you never approved — designed to make you react.
The Authorization Renewal scam is designed to trigger immediate reaction by making it appear a payment has already been approved on your behalf.
Victims typically receive a text or email claiming a subscription renewal or charge has been processed — often tied to recognizable brands like streaming services, antivirus software, or online retailers. The message includes a dollar amount and implies the transaction is already completed.
The objective is not the charge — it’s your reaction.
You are pushed to “cancel,” “dispute,” or “stop” the payment using a provided link or phone number.
That action is where the scam begins.
Common paths include:
– Redirecting you to a fake login or support page
– Prompting you to enter personal or payment information
– Connecting you to a live scammer posing as support
– Getting you to authorize access, downloads, or further actions
In many cases, the message creates urgency by suggesting the charge is active or irreversible unless you act immediately.
The key tactic is psychological — creating panic over a charge you never made, forcing you into fast, unverified action
.
There is no real charge.
The entire scenario is constructed to move you into their system, where the actual fraud takes place.
