BECs and EACs: What's the Difference?
Email can be awful. From all varieties of spam that sneak through your filters to "reply all" conversations that trap you into finding meaningful comments buried 17 layers deep in a message, email is the business scourge that not even a pandemic can erase. And it only gets worse: Email is also a vector for a variety of attacks that can open the door for theft, fraud, ransomware, and more.
According to the FBI, business email compromise (BEC) attacks were responsible for more than $26 billion in global damages between 2016 and 2019. BEC is a broad description, used by some organizations (like the FBI) to cover virtually all attacks that use a trusted email address as part of the campaign. Others, however, use BEC as a more specific term and email account compromise (EAC) to describe a different type of attack.