Impersonation made up 82% of all BEC incidents in Q4 2025.

Diversion tactics (fraudulent invoices, fake payroll requests) accounted for 18% of BEC incidents in Q4 2025.

In Q4 2025, CEOs and senior executives accounted for 50% of impersonation-based BEC emails and 41% of total BEC incidents.

In Q4 2025, Business Email Compromise accounted for 51% of all email fraud cases.

31% of leaders at financial services firms say they are unprepared to recover effectively from a Business Email Compromise.

53% of healthcare organizations believe their organizations are vulnerable or highly vulnerable to a BEC/spoofing/impersonation incident.

In 2022, 64% of respondents from healthcare organizations said their organizations were very or highly vulnerable to BEC/spoofing/impersonation attacks.

52% of healthcare organizations were vulnerable or highly vulnerable to a BEC/spoofing/impersonation incident in 2024.

56% of organizations noted preparedness for business email compromise.

Impersonation is the most common technique in BEC scams, with 82% of attempts targeting CEOs and executives.

After CEOs and executives, the remaining BEC impersonation efforts are aimed at directors and managers (9%), HR personnel (4%), IT staff (3%), and school heads (2%).

Norwegian language use in BEC scams is 1.5%.

Swedish and Norwegian targets comprise a combined 19% of BEC targets.

A significant portion of BEC targets are Danish, at 38%.

For Business Email Compromise (BEC) attacks, English-speaking executives remain the most targeted at 42%.

The strategic use of Danish language in BEC scams is 11.9%.

Swedish language use in BEC scams is 3.8%.

Non-Business Email Compromise (BEC) incidents rose by 214%.

Repeat engagement with VEC in EMEA is the highest of any region, over twice that of BEC.

Conversely, EMEA organisations show the highest reporting rate for BEC, at 4.22%