New guide on business email compromise

06 August 2024

News article

Protect your business from email scams with NCSC's new guide

The National Cyber Security Centre (NCSC) has released new guidance to help small businesses protect themselves against business email compromise (BEC) attacks, a growing type of cybercrime.

BEC attacks involve criminals hacking into work email accounts to trick people into transferring money or stealing sensitive information. These attacks often target senior staff or those who can authorise financial transactions.

A recent government report found that in 2023, 84% of businesses and 83% of charities experienced phishing attacks, which often include BEC.

The NCSC's new guidance offers simple steps to reduce the risk of BEC attacks, especially for smaller organisations with fewer resources. Key advice includes:

reducing your digital footprint
training staff to spot phishing emails
using the 'least privilege' principle
setting up two-step verification

The guidance also covers what to do if your email is hacked or if you've been tricked into making a fraudulent payment.

Read the full guidance on dealing with BEC attacks.

Although following this guidance can lower the risk of BEC attacks, no organisation is completely safe from cyber threats. The NCSC also recommends:

registering for their free 'Check your email security' tool
planning for possible breaches
practising responses using their 'Exercise in a Box' tool

Larger organisations may wish to refer to the NCSC's detailed guidance on defending organisations from email phishing attacks, which includes technical mitigations that will help counter BEC.

First published 6 August 2024

Printer-friendly version

Actions

How to avoid phishing attacks

Also on this site

Protect your business against phishing

Cyber security incident response plan

Guides
- Find guides by sector
- Find guides by theme
  - Starting a business
    - Before you start your business
      - Considering starting a business
      - Start-up business ideas
    - Start your business
    - Running your start-up business
    - Grow your start-up business
      - Trade with other countries
      - Take steps to grow your business
  - Finance
    - Find local finance
      - Northern Ireland business support finder
    - Raising finance
    - Managing finance
    - Financial difficulty
      - Managing financial difficulty
  - Taxes
    - Business tax
    - Self-employed and tax
      - Setting up as self-employed and tax
      - Help and support for the self-employed
    - PAYE and payroll
      - PAYE and payroll for employers
    - Keeping records for business
      - Record-keeping
    - Excise duties
    - Industry-specific taxes
    - Complying with European law
    - Contact or deal with HM Revenue & Customs (HMRC)
    - Companies House returns, accounts and other responsibilities
    - Business changes
      - Making changes to your business
    - Selling, closing or restarting your business
    - Accountants and tax advisers
  - Employment and skills
    - HR documents and templates
    - Recruitment
    - Employment documents and policies
      - Staff documents and employment policies
    - Pay, pensions and minimum wage
    - Manage people
    - Holidays, statutory leave and time off
      - Holiday, other leave and sickness
      - Maternity, paternity, adoption and parental leave
    - Performance, training and development
    - Resolve conflict and staff leaving
      - Problems at work
      - Dismissals and staff leaving
  - Health and safety
    - Coronavirus (COVID-19): Staying safe at work
    - Health and safety basics
      - Protecting your business
    - Health and safety made simple
    - Make your business safer
      - Managing the welfare of people
      - Safer ways of working
  - Efficiency and environment
    - Environmental action to improve your business
    - Reduce, reuse, recycle your business waste
    - Resource efficiency
    - Reducing your environmental impact
    - Environmental guidance by business sector
  - Business premises and rates
    - Choosing the right business property
    - Rates for non-domestic properties
      - Business rates
    - Property management and costs
    - Adapting and improving your property
      - Make your property more efficient
      - Disabled access and facilities in business premises
  - Innovation and R&D
    - Product and service development
      - Developing products and services
      - Research and development
    - Design and business innovation
      - Use innovation in your business
      - Design for business success
    - Intellectual property
      - Intellectual property for business
      - Patents, trade marks, copyright and design
  - Sales and marketing
    - Business contracts and fair competition
    - Consumer rights and protection
    - Marketing your business
    - Product safety
    - Sales laws
    - Know your customers
    - Maximise your sales
  - IT
    - IT basics
      - Introduction to IT
      - Choosing suppliers
    - Software and technology solutions
      - Software and business applications
      - Communications
    - Getting online
      - Create and manage a website
      - E-commerce
    - Security and data protection
      - Data protection and legal issues
      - IT security and risks
  - Exporting and importing
    - Basics of importing and exporting
    - Choosing a market
      - Doing business in the EU
      - Trading with countries outside the EU
    - Procedures and licences
    - Sector overviews and regulations
    - Moving your goods
    - Customs declarations
      - National Clearance Hub
  - Grow your business
    - Prepare for growth
      - Assessing current performance
      - Planning business growth
    - Strategies for growth
    - Finance and logistics
      - How to grow your business
      - Financing growth
    - Managing growth
      - Leading staff through growth
      - Manage business risks
  - Buy or sell a business
    - Acquiring a business
    - Selling your business
    - Exiting and transferring your business
      - Businesses in difficulty
      - Transferring your business
Resources
News
Events