Business Email Compromise (BEC) Response Services

Fraudulent wire transfer requests. Spam or phishing emails sent from your domain. Missing or deleted emails. These are all signs of unauthorized access to your email systems, commonly known as business email compromise (BEC).

BEC response services

If you suspect unauthorized email access, Unit 42 can help you:
  • Contain the email intrusion incident
  • Identify the window of compromise
  • Investigate attacker activity in the account
  • Determine if more accounts were breached
  • Review accessed data to quantify sensitive information at risk
  • Recommend new safeguards
  • Prepare for a future attack with a
    BEC Readiness Assessment


Fast response from email attack experts

Relevant experience

Relevant experience

From Google Workspace to Microsoft 365 and one exposed mailbox to thousands, Unit 42 experts have responded to more than 1,000 BEC incidents. We understand threat actor tactics and deploy countermeasures designed for speed and effectiveness.

See our threat report


We move fast to help our clients. Everything we do, from deployment to analysis and delivery of findings, is built for speed. We activate our incident response teams within minutes, integrating the specialized skill sets needed - from forensic consultants to malware analysts and team leaders.

Powerful proprietary technology

Powerful proprietary technology

Using our suite of advanced technology alongside proprietary collection and analysis tools, we can quickly and thoroughly investigate email attacks, saving you money and getting you back to business faster.


Respond. Recover. Develop new safeguards.

Take action against escalating email attacks

Take action against escalating email attacks

  • Expert, tactical incident containment services

  • Understanding of email attacks and forensic artifacts

  • Countermeasures to eliminate threats

  • Tools to assess and recover from an attack