A targeted cyber attack where threat actors impersonate a trusted executive or vendor to trick employees into transferring funds or sharing sensitive information. BEC scams often rely on social engineering and lack obvious red flags like attachments or links.