MrTech Melbourne
All guides

Email

Business email compromise (BEC) — what to know

Invoice fraud, payroll redirection, and fake CEO requests — how Melbourne businesses reduce BEC risk.

By Jason.YPublished 14 June 2026Updated 4 June 20265 min read
Need help with this? Talk to our Cyber Security team
Business email compromise awareness
01

What BEC looks like

Attackers impersonate executives, suppliers, or staff via look-alike domains, compromised inboxes, or spoofed From addresses. Common asks: change bank details on an invoice, buy gift cards urgently, or approve a wire transfer.

02

Technical layers

Enforce DMARC with quarantine or reject, enable DKIM, train staff on external sender banners, and flag payments-related keywords. Conditional access and MFA stop many account takeovers that fuel BEC.

03

Process beats panic

Verify payment changes on a known phone number — not numbers in the email. Dual approval for transfers over a threshold. Separate duties between who requests and who approves payments.

04

If you are targeted

Isolate affected accounts, reset passwords, preserve headers, report to your bank immediately, and review mail forwarding rules attackers often add. Run authentication and blacklist checks to see if the domain is abused broadly.

Related service

This is part of our Cyber Security service for Melbourne businesses.

Explore Cyber Security

Try it now

Run the related tools

Need a hand?

Run the tools. Then talk to us.

Use our free diagnostics to see what is wrong, then get Melbourne IT support for the fix.

Keep reading

More guides