{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,18]],"date-time":"2026-06-18T14:07:47Z","timestamp":1781791667662,"version":"3.54.5"},"reference-count":52,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2023,9,2]],"date-time":"2023-09-02T00:00:00Z","timestamp":1693612800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JCP"],"abstract":"<jats:p>Business Email Compromise (BEC) attacks have emerged as serious threats to organizations in recent years, exploiting social engineering and malware to dupe victims into divulging confidential information and executing fraudulent transactions. This paper provides a comprehensive review of BEC attacks, including their principles, techniques, and impacts on enterprises. In light of the rising tide of BEC attacks globally and their significant financial impact on business, it is crucial to understand their modus operandi and adopt proactive measures to protect sensitive information and prevent financial losses. This study offers valuable recommendations and insights for organizations seeking to enhance their cybersecurity posture and mitigate the risks associated with BEC attacks. Moreover, we analyze the Greek landscape of cyberattacks, focusing on the existing regulatory framework and the measures taken to prevent and respond to cybercrime in accordance with the NIS Directives of the EU. 
By examining the Greek landscape, we gain insights into the effectiveness of countermeasures in this region, as well as the challenges and opportunities for improving cybersecurity practices.<\/jats:p>","DOI":"10.3390\/jcp3030029","type":"journal-article","created":{"date-parts":[[2023,9,4]],"date-time":"2023-09-04T02:59:55Z","timestamp":1693796395000},"page":"610-637","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":20,"title":["Business Email Compromise (BEC) Attacks: Threats, Vulnerabilities and Countermeasures\u2014A Perspective on the Greek Landscape"],"prefix":"10.3390","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-5505-1566","authenticated-orcid":false,"given":"Anastasios","family":"Papathanasiou","sequence":"first","affiliation":[{"name":"Cyber Crime Division, Hellenic Police, 173 Alexandras Avenue, 11522 Athens, Greece"},{"name":"Department of Informatics and Telecommunications, University of Ioannina, Kostaki Artas, 47150 Arta, Greece"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0008-7197-2196","authenticated-orcid":false,"given":"George","family":"Liontos","sequence":"additional","affiliation":[{"name":"Department of Materials Science and Engineering, University of Ioannina, 45110 Ioannina, Greece"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1162-5490","authenticated-orcid":false,"given":"Vasiliki","family":"Liagkou","sequence":"additional","affiliation":[{"name":"Department of Informatics and Telecommunications, University of Ioannina, Kostaki Artas, 47150 Arta, Greece"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5604-3507","authenticated-orcid":false,"given":"Euripidis","family":"Glavas","sequence":"additional","affiliation":[{"name":"Department of Informatics and Telecommunications, University of Ioannina, Kostaki Artas, 
47150 Arta, Greece"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2023,9,2]]},"reference":[{"key":"ref_1","first-page":"497","article-title":"Business email compromise (BEC) attacks","volume":"81","author":"Humayun","year":"2021","journal-title":"Mater. Today Proc."},{"key":"ref_2","unstructured":"Europol (2023, April 25). Internet Organized Crime Threat Assessment Report. Available online: https:\/\/www.europol.europa.eu\/publications-events\/main-reports\/internet-organised-crime-threat-assessment-iocta-2020."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"102449","DOI":"10.1016\/j.cose.2021.102449","article-title":"A Multi-Perspective malware detection approach through behavioral fusion of API call sequence","volume":"110","author":"Amer","year":"2021","journal-title":"Comput. Secur."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Europol (2023, April 25). Internet Organized Crime Threat Assessment Report. Available online: https:\/\/www.europol.europa.eu\/publications-events\/main-reports\/internet-organised-crime-threat-assessment-iocta-2021.","DOI":"10.1016\/S1361-3723(21)00125-1"},{"key":"ref_5","unstructured":"Kaspersky (2023, April 25). Separated by a Common Language: Is the C-Suite Able to Truly Decipher and Act upon the Real Threat of Cyber-Attacks?. Available online: https:\/\/go.kaspersky.com\/rs\/802-IJN-240\/images\/Kaspersky-Speaks-your-Language-1122.pdf."},{"key":"ref_6","unstructured":"Maleki, N. (2023, April 25). A Behavioral Based Detection Approach for Business Email Compromises. Available online: https:\/\/unbscholar.lib.unb.ca\/islandora\/object\/unbscholar%3A10122."},{"key":"ref_7","unstructured":"FBI (2023, April 25). 
Business Email Compromise and Real Estate Wire Fraud, Available online: https:\/\/www.fbi.gov\/file-repository\/fy-2022-fbi-congressional-report-business-email-compromise-and-real-estate-wire-fraud-111422.pdf\/view."},{"key":"ref_8","unstructured":"FBI (2023, April 25). Internet Crime Report, Available online: https:\/\/www.ic3.gov\/Media\/PDF\/AnnualReport\/2022IC3Report.pdf."},{"key":"ref_9","unstructured":"European Union Agency for Cybersecurity (2022). ENISA Threat Landscape 2022: July 2021 to July 2022, Publications Office."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"(2023, April 25). 2022 Data Breach Investigations Report. Available online: https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/.","DOI":"10.12968\/S1361-3723(22)70578-7"},{"key":"ref_11","unstructured":"Cloudflare (2023, April 25). Cloudflare Security Report. Available online: https:\/\/www.cloudflare.com\/resources\/assets\/slt3lc6tev37\/1vmmNMaaktXDk5iHxxDdCj\/ebe40635588eaafa15ab89944ff9a36b\/Cloudflare_Impact_Report_2021.pdf."},{"key":"ref_12","unstructured":"Cloudflare (2023, April 25). Cloudflare Security Report. Available online: https:\/\/cf-assets.www.cloudflare.com\/slt3lc6tev37\/4sivQSVRKbmDGL6VqSLLmM\/3f62dd0c9dd7534ca9b43d012ddd8635\/CloudflareArea1Whitepaper-HowtoStopBusinessEmailCompromiseMay2022.pdf."},{"key":"ref_13","unstructured":"Remorin, L., Flores, R., and Matsukawa, B. (2023, April 25). Tracking Trends in Business Email Compromise (BEC) Schemes. Available online: https:\/\/documents.trendmicro.com\/assets\/TrackingTrendsinBusinessEmailCompromise.pdf."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Jakobbson, M. (2016). Understanding Social Engineering Based Scams, Springer.","DOI":"10.1007\/978-1-4939-6457-4"},{"key":"ref_15","first-page":"113","article-title":"Advanced social engineering attacks","volume":"22","author":"Krombholz","year":"2015","journal-title":"J. Inf. Secur. 
Appl."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Hadnagy, C. (2018). Social Engineering: The Science of Human Hacking, John Wiley & Sons, Inc.. [2nd ed.].","DOI":"10.1002\/9781119433729"},{"key":"ref_17","unstructured":"Chapple, M., Stewart, J.M., and Gibson, D. (2021). (ISC)\u00b2 CISSP Certified Information Systems Security Professional Official Study Guide, John Wiley and Sons. [9th ed.]."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Edwards, M., Peersman, C., and Rashid, A. (2017, January 3\u20137). Scamming the Scammers: Towards Automatic Detection of Persuasion in Advance Fee Frauds. Proceedings of the 26th International Conference on World Wide Web Companion\u2014WWW \u201917 Companion, Perth, Australia.","DOI":"10.1145\/3041021.3053889"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1016\/j.techsoc.2010.07.001","article-title":"An overview of social engineering malware: Trends, tactics, and implications","volume":"32","author":"Abraham","year":"2010","journal-title":"Technol. Soc."},{"key":"ref_20","unstructured":"Mitnick, K.D., and Simon, W.L. (2002). The art of Deception: Controlling the Human Element of Security, Wiley."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"13","DOI":"10.1201\/1086.1065898X\/46353.15.4.20060901\/95427.3","article-title":"Social Engineering: Concepts and Solutions","volume":"15","author":"Peltier","year":"2006","journal-title":"Inf. Syst. Secur."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Salahdine, F., and Kaabouch, N. (2019). Social Engineering Attacks: A Survey. Future Internet, 11.","DOI":"10.3390\/fi11040089"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Opazo, B., Whitteker, D., and Shing, C.C. (2017, January 29\u201331). Email trouble: Secrets of spoofing, the dangers of social engineering, and how we can help. 
Proceedings of the 2017 13th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery (ICNC-FSKD), Guilin, China.","DOI":"10.1109\/FSKD.2017.8393226"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"A1","DOI":"10.2308\/ciia-52706","article-title":"Something Phish-y is Going On Here: A Teaching Case on Business Email Compromise","volume":"14","author":"Bakarich","year":"2020","journal-title":"Curr. Issues Audit."},{"key":"ref_25","unstructured":"Kaspersky (2023, April 25). Fighting Business Email Compromise with Kaspersky Security for Microsoft Office 365. Available online: https:\/\/www.kaspersky.com\/office365-security."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"e73","DOI":"10.1002\/spy2.73","article-title":"Contemplating social engineering studies and attack scenarios: A review study","volume":"2","author":"Yasin","year":"2019","journal-title":"Secur. Priv."},{"key":"ref_27","unstructured":"Bazzell, M. (2022). Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information, Amazon Digital Services. [9th ed.]."},{"key":"ref_28","unstructured":"Bitdefender (2023, April 25). GravityZone Email Security Report. Available online: https:\/\/www.bitdefender.com\/content\/dam\/business\/b2b\/white-papers\/Bitdefender-GravityZone-Email-Security-Report.pdf."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Ometov, A., Bezzateev, S., M\u00e4kitalo, N., Andreev, S., Mikkonen, T., and Koucheryavy, Y. (2018). Multi-Factor Authentication: A Survey. Cryptography, 2.","DOI":"10.3390\/cryptography2010001"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1016\/S1361-3723(16)30079-3","article-title":"Fighting phishing and securing data with email authentication","volume":"2016","author":"Derouet","year":"2016","journal-title":"Comput. Fraud. Secur."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Teerakanok, S., Yasuki, H., and Uehara, T. 
(2020, January 11\u201314). A Practical Solution Against Business Email Compromise (BEC) Attack using Invoice Checksum. Proceedings of the 2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C), Macau, China.","DOI":"10.1109\/QRS-C51114.2020.00036"},{"key":"ref_32","first-page":"173","article-title":"Machine Learning Methods for Spam E-Mail Classification","volume":"3","author":"Awad","year":"2011","journal-title":"Int. J. Comput. Sci. Inf. Technol."},{"key":"ref_33","first-page":"14","article-title":"Introduction to Machine Learning, Neural Networks, and Deep Learning","volume":"9","author":"Choi","year":"2020","journal-title":"Transl. Vis. Sci. Technol."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Atlam, H.F., and Oluwatimilehin, O. (2023). Business Email Compromise Phishing Detection Based on Machine Learning: A Systematic Literature Review. Electronics, 12.","DOI":"10.3390\/electronics12010042"},{"key":"ref_35","unstructured":"Cidon, A., Gavish, L., Bleier, I., Korshun, N., Schweighauser, M., and Tsitkin, A. (2019, January 14\u201316). High Precision Detection of Business Email Compromise. Proceedings of the 28th USENIX Security Symposium (USENIX Security 19), Santa Clara, CA, USA."},{"key":"ref_36","unstructured":"Police, H. (2023, April 25). Cyber Crime Division. Available online: https:\/\/www.astynomia.gr\/hellenic-police\/special-services\/cyber-crime-division\/?lang=en."},{"key":"ref_37","unstructured":"(2023, April 25). Available online: https:\/\/csirt.cd.mil.gr\/el\/phishing-gr\/."},{"key":"ref_38","unstructured":"Concordia (2023, April 25). National Cyber Security Authority \u2013 Ministry of Digital Governance (NCSA). 
Available online: https:\/\/www.concordia-h2020.eu\/consortium\/national-cyber-authority-ncsa\/."},{"key":"ref_39","first-page":"40","article-title":"The phenomenon of crime-as-a-service for the violent crimes in Dark Web","volume":"1","author":"Papathanasiou","year":"2017","journal-title":"Criminology"},{"key":"ref_40","unstructured":"Egmont Group Bulletin (2023, April 25). Business Email Compromise Fraud. Available online: https:\/\/egmontgroup.org\/wp-content\/uploads\/2021\/09\/2019_Egmont_Group_Bulletin_Business_Email_Compromise_Fraud.pdf."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"6664426","DOI":"10.1155\/2021\/6664426","article-title":"Next-Generation Digital Forensic Readiness BYOD Framework","volume":"2021","author":"Ali","year":"2021","journal-title":"Secur. Commun. Netw."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"1845","DOI":"10.1007\/s10586-020-03052-y","article-title":"European Strategy and Legislation for Cybersecurity: Implications for Portugal","volume":"23","author":"Carvalho","year":"2020","journal-title":"Clust. Comput."},{"key":"ref_43","unstructured":"(2023, April 25). Directive (EU) 2016\/1148 of the European Parliament and of the Council of 6 July 2016 Concerning Measures for a High Common Level of Security of Network and Information Systems across the Union. Available online: https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=celex:32016L1148."},{"key":"ref_44","first-page":"e1","article-title":"NIS directive: The case of Greece","volume":"4","author":"Maglaras","year":"2018","journal-title":"EAI Endorsed Trans. Secur. Saf."},{"key":"ref_45","unstructured":"Greek Government Gazette (2023, April 25). Decision No. DIDAD\/F.11\/36\/29542\/1390, Available online: https:\/\/diavgeia.gov.gr\/doc\/%CE%A84%CE%A17465%CE%A7%CE%980-%CE%966%CE%A9?inline=true."},{"key":"ref_46","unstructured":"NIS Cooperation Group (2020). 
Annual Report NIS Directive Incidents 2019, NIS Cooperation Group, European Commission."},{"key":"ref_47","unstructured":"(2023, April 25). Cybersecurity in the EU: Overview of Challenges and State of Play. Available online: https:\/\/www.europarl.europa.eu\/RegData\/etudes\/BRIE\/2021\/689333\/EPRS_BRI(2021)689333_EN.pdf."},{"key":"ref_48","unstructured":"(2023, April 25). Proposal for a Directive on Measures for a High Common Level of Cybersecurity across the UNION. Available online: https:\/\/digital-strategy.ec.europa.eu\/en\/library\/proposal-directive-measures-high-common-level-cybersecurity-across-union."},{"key":"#cr-split#-ref_49.1","unstructured":"Parliament, E. (2022). Directive"},{"key":"#cr-split#-ref_49.2","unstructured":"(EU) 2022\/2555 of the European Parliament and of the Council of 21 March 2022 laying down measures for a high common level of cybersecurity across the Union. Off. J. Eur. Union, 1-87. Available online: https:\/\/eur-lex.europa.eu\/legalcontent\/136EN\/TXT\/PDF\/?uri=CELEX:32022L2555."},{"key":"ref_50","doi-asserted-by":"crossref","unstructured":"Christen, M., Gordijn, B., and Loi, M. (2020). The Ethics of Cybersecurity, Springer International Publishing.","DOI":"10.1007\/978-3-030-29053-5"},{"key":"ref_51","unstructured":"Kr\u00fcger, P., and Brauchle, J.P. (2023, April 25). The European Union, Cybersecurity, and the Financial Sector: A Primer. Carnegie Endowment for International Peace, March 2021, Massachusetts Avenue NW, Washington, U.S. 
Available online: https:\/\/carnegieendowment.org\/files\/Krueger_Brauchle_Cybersecurity_legislation.pdf."}],"container-title":["Journal of Cybersecurity and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2624-800X\/3\/3\/29\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T20:45:17Z","timestamp":1760129117000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2624-800X\/3\/3\/29"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,9,2]]},"references-count":52,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2023,9]]}},"alternative-id":["jcp3030029"],"URL":"https:\/\/doi.org\/10.3390\/jcp3030029","relation":{},"ISSN":["2624-800X"],"issn-type":[{"value":"2624-800X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,9,2]]}}}