Psychological Tactics in BEC

BEC success relies on sophisticated psychological manipulation:

Authority and Hierarchy: Messages exploit organizational power structures. Lower-level employees fear questioning executive requests, especially when marked confidential or urgent. Attackers emphasize consequences of non-compliance.

Urgency and Pressure: Time pressure prevents careful consideration. Attackers cite immediate deadlines, expiring opportunities, or impending disasters. They may claim to be traveling or in meetings, unavailable for verification.

Confidentiality Requirements: Requests often stress secrecy, claiming sensitive negotiations or legal matters. This discourages employees from seeking verification or discussing requests with colleagues.

Familiarity and Trust: Sophisticated attackers study communication patterns, using familiar phrases, sign-offs, and references to shared experiences. This familiarity breeds trust and reduces suspicion.

Incremental Commitment: Some attacks start with small requests or information gathering before escalating to large transfers. Initial compliance creates psychological commitment to continue.