The Menace of Business Email Compromise


Learn how to defend against a BEC and why frequent compromise assessments are a critical piece of the puzzle

Business Email Compromises (BECs) are a growing problem across a multitude of industries. Threat actors, such as Nigerian Confraternities, are the spearhead of this new genre of cyber fraud, triggering losses that run into the billions of dollars. While ransomware popularity peaked in 2017, many are calling 2018 the year of the BEC attack.

In this webcast, CrowdStrike experts will detail how to identify and defend against the threat posed by BECs. The topics discussed will include CrowdStrike’s new tool that fills a gap in identifying key indicators of a BEC attack during investigations. Experts will also discuss how to identify a BEC in the context of a broader compromise assessment focused on addressing current and past attackers.

In this session you will learn:

  • How BEC works and the nature of the threat that it poses to your organization
  • Examples from real-life BEC attacks and responses
  • Insight into Office 365 BEC investigative methodologies and data sources
  • Access to a new tool CrowdStrike is releasing to enable more comprehensive investigations
  • The role compromise assessments, including proactively reviewing email systems, can play in your security hygiene and how it can help protect against BEC

Featured Speakers

Bryan York

Director - Professional Services

Bryan has experience in both government and private sectors helping organizations manage cyber risk and respond to targeted cyber threats. He runs the CrowdStrike Services Central Region practice and is responsible for delivering cyber incident response services, as well as providing trusted advisory services for customers taking proactive measures to identify risks, detect threats and better secure their technology. Previously, Bryan worked for Ernst & Young and was a captain in the U. S. Air Force, where he served as a cyber operations officer.

David Hampton

Manager - Professional Services

David has spent nearly a decade focusing on the business side of cyber risk, large-scale incident response, and post-breach eDiscovery. He currently manages the CrowdStrike business for incident response and cyber-risk reduction for the Southern United States, Mexico, and South America. David has experience in facilitating hundreds of breach response engagements ranging from nation-state cyberattacks to financial extortion. He has consulted with law enforcement, government agencies, corporate/enterprise, and law firms throughout his career.

Jonathan Itzhaky

Senior Consultant - Professional Services

Jonathan spent nearly a decade in the U.S. Marine Corps defending computer networks on land and at sea. He has considerable experience designing secure networks, managing security operation centers, and conducting security assessments. Jonathan currently serves as CrowdStrike’s leading technical expert on Business Email Compromises in Office 365. He has investigated dozens of incidents involving Office 365 in both the private and public sectors. In addition to his work on Office 365, Jonathan also manages incident response investigations for compromises of all types across the country.


  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center