Training alone will not prevent BEC. Scams are constantly evolving, making it difficult to spot red flags. As a result, training and compliance are inextricably linked.
BEC attacks typically target mid-level employees who rarely communicate with the executives, attorneys, or vendors ostensibly behind a transaction request. As a result, employees may be hesitant to approach the requestor in person to authenticate the transaction.
An effective compliance culture provides employees with the protocols they need to confidently follow up. BEC criminals’ attacks are more likely to fail if they lack the internal isolation on which they rely.