How can employers help prevent Business Email Compromise?

5 tips for plan sponsors to help prevent BEC and EAC

Oct 01, 2025

The growing threat of cybercrime 

As our lives become increasingly intertwined with digital technologies, cybercriminals are seizing new opportunities to exploit these expanded online connections. The FBI continues to see a surge in cybercrimes with a record $16.6 billion in losses reported in 2024, up 33% from 2023.1

  • Over the last five years, the FBI’s Internet Crime Complaint Center (IC3) received a total of 4.2 million cyber-related complaints, with total losses of over $50.5 billion.1
  • Business Email Compromise (BEC) scams continue to be a major concern, accounting for 21,442 complaints with losses of over $2.77 billion in 2024. 1

What is Business Email Compromise (BEC)?

BEC, also know as email account compromise (EAC), is a scam in which the cyber-criminal compromises the email accounts of victims to send fraudulent payment instructions and/or uses email to impersonate a business executive to access employee payroll, W2 information or steal data. While criminals can target virtually any industry, the health care, education, government and corporate sectors are especially vulnerable to exploitations.

Actionable steps for employers to prevent BEC

  1. Alert, educate and train your workforce on the potential threat of BEC, including preventative strategies.
  2. Instruct employees on how to handle suspicious emails, especially emails with hyperlinks.
  3. Direct employees to channel suspicious emails to a designated department, like IT security.
  4. Monitor employee logins and logins after hours.
  5. Restrict access to sensitive information and enable multi-factor authentication.

 

The FBI requests BEC victims file a complaint, regardless of dollar loss or date of the incident, with the IC3.

 

Securing your today and protecting your tomorrow

Our security measures are continuously evolving to match and anticipate threats, keeping your and your employees’ information safe. Learn how we are proactively preventing fraud with cybersecurity, as well as more tips and actions employers can take.

 

 

Related Items

1 FBI’s Internet Crime Report 2024

This information is provided by Voya for your education only. Neither Voya nor its representatives offer tax or legal advice. Please consult your tax or legal advisor before making a tax-related investment/insurance decision.

Products and services offered through the Voya® family of companies..

CN4846423_0927