Business Email Compromise (BEC) remains one of the most lucrative and evolving cyber threats, costing organizations billions annually. This session takes a deep dive into real-world BEC attacks, dissecting the tactics used by adversaries, from social engineering and credential theft to the abuse of inbox rules for stealthy persistence. Attendees will gain insights into how attackers manipulate trust, bypass security measures, and execute fraudulent transactions—often without triggering traditional alerts.

Using real case studies, we’ll explore how inbox rules play a critical role in concealing fraudulent communications, intercepting emails, and evading detection. The session will also cover detection strategies and actionable defenses to help security teams stay ahead of BEC threats.

Whether you're in threat hunting, incident response, or security leadership, this talk will provide practical takeaways to better protect your organization from BEC attacks.