Business Email Compromise (BEC) in Switzerland: How SMEs Can Prevent Invoice and CEO Fraud (2026)
Business Email Compromise (BEC) is one of the most financially damaging cyber threats facing businesses today. Unlike ransomware or malware attacks, BEC often relies on social engineering rather than technical exploits.
For Swiss SMEs, even a single fraudulent payment can result in significant financial losses, disrupted operations, and damaged customer relationships.
This guide explains what Business Email Compromise is, how it works, and the practical measures every Swiss SME should take to reduce the risk.
What Is Business Email Compromise?
Business Email Compromise (BEC) is a form of cybercrime where attackers use email to manipulate employees into transferring money, revealing sensitive information, or changing payment details.
Unlike traditional phishing campaigns that target thousands of recipients, BEC attacks are usually carefully researched and highly targeted.
Attackers often spend days or weeks gathering information about a company before launching an attack.
Why Are Swiss SMEs Targeted?
Many small and medium-sized businesses assume cybercriminals only target large enterprises.
In reality, SMEs are attractive because they often have:
- Limited cybersecurity resources
- Small finance teams
- Less formal payment approval processes
- High trust between employees
- Limited security awareness training
Attackers know that a convincing email may be enough to bypass internal controls.
Common Types of BEC Attacks
CEO Fraud
An attacker impersonates the CEO or another executive and requests an urgent bank transfer.
Typical characteristics include:
- “Confidential request”
- “I’m in a meeting.”
- “This must be completed today.”
- Pressure to ignore normal approval procedures
The goal is to create urgency before employees have time to verify the request.
Invoice Fraud
Attackers impersonate a supplier and send updated payment instructions.
The invoice often looks legitimate and may even reference existing projects or purchase orders.
Instead of paying the supplier, the money is transferred to the attacker’s account.
Supplier Email Compromise
Instead of spoofing an email address, attackers sometimes compromise the supplier’s real mailbox.
This makes fraudulent payment requests much harder to detect because they originate from a legitimate account.
Payroll Fraud
Human Resources or payroll staff receive requests to:
- Change salary payment details
- Update employee bank accounts
- Modify tax information
Without proper verification, salaries may be redirected to criminals.
Warning Signs
Employees should be cautious when an email includes:
- Unexpected payment requests
- Changes to banking information
- Pressure to act immediately
- Requests to bypass internal procedures
- Slightly unusual wording or tone
- New email addresses for known contacts
Even professionally written emails should always be verified before large financial transactions.
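The warning signs above can also be checked mechanically before a message reaches the finance team. The following is an added example, not part of the original guide: a small triage function that flags a message against those signs. The contact directory, phrase patterns, and sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed directory: display name -> address on file (assumption).
KNOWN_CONTACTS = {"anna muster": "anna.muster@muster-ag.example"}

# Illustrative phrase patterns for the warning signs; tune to your own mail.
SIGNS = {
    "payment_request": r"\b(bank transfer|wire|payment|invoice)\b",
    "banking_change": r"\b(new|updated|changed)\s+(bank|account|payment)\s+"
                      r"(details|instructions|information)\b|\bIBAN\b",
    "urgency": r"\b(urgent|immediately|today|as soon as possible)\b",
    "bypass_procedure": r"\b(confidential|skip (the )?approval|i'?m in a meeting)\b",
}

# Constructed sample message (not a real email).
SAMPLE = """\
From: Anna Muster <anna.muster@muster-ag-ch.example>
To: finance@muster-ag.example
Subject: Confidential request

I'm in a meeting. Please make a bank transfer of CHF 48,000 today.
Use the new account details below.
IBAN: CH00 0000 0000 0000 0000 0
"""

def triage(raw_email: str) -> list[str]:
    """Return the warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw_email)
    name, addr = parseaddr(msg.get("From", ""))
    # Plain-text parts only; encoded bodies would need decoding first.
    body = "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_type() == "text/plain")
    text = f"{msg.get('Subject', '')}\n{body}"
    hits = [sign for sign, pattern in SIGNS.items()
            if re.search(pattern, text, re.IGNORECASE)]
    # Known display name arriving from an address that is not on file.
    on_file = KNOWN_CONTACTS.get(name.strip().lower())
    if on_file and on_file.lower() != addr.lower():
        hits.append("new_address_for_known_contact")
    return hits

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A hit is a reason to verify through a trusted channel, not proof of fraud; "slightly unusual wording or tone" remains a human judgment.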
Technical Controls That Reduce Risk
Technology cannot completely prevent BEC, but it significantly reduces exposure.
Swiss SMEs should implement:
- Multi-Factor Authentication (MFA)
- SPF, DKIM, and DMARC for email authentication
- Advanced spam and phishing protection
- Regular software updates
- Secure password management
- Logging and monitoring of administrator accounts
Strong identity protection makes account compromise much more difficult.
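Having SPF and DMARC records published is not the same as having them enforced. The following is an added example, not part of the original guide: it audits the text of an SPF and a DMARC record (as defined in RFC 7208 and RFC 7489) for settings that leave spoofed mail deliverable. The finding codes and sample records are constructed for illustration.

```python
def parse_dmarc(record: str) -> dict[str, str]:
    """Split a DMARC TXT record into its tag=value pairs."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def audit_dmarc(record: str) -> list[str]:
    tags = parse_dmarc(record)
    if tags.get("v") != "DMARC1":
        return ["dmarc-not-a-record"]
    findings = []
    # p=none only produces reports; failing mail is still delivered.
    if tags.get("p", "").lower() not in ("quarantine", "reject"):
        findings.append("dmarc-monitor-only")
    # pct below 100 applies the policy to only a share of failing mail.
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        findings.append("dmarc-partial-enforcement")
    return findings

def audit_spf(record: str) -> list[str]:
    terms = [t.lower() for t in record.split()]
    if not terms or terms[0] != "v=spf1":
        return ["spf-not-a-record"]
    all_terms = [t for t in terms[1:] if t.lstrip("+-~?") == "all"]
    if not all_terms:
        # Without "all" or a redirect, unmatched senders evaluate to neutral.
        has_redirect = any(t.startswith("redirect=") for t in terms[1:])
        return [] if has_redirect else ["spf-no-all"]
    first = all_terms[0]
    qualifier = first[0] if first[0] in "+-~?" else "+"  # bare "all" means "+all"
    return {"+": ["spf-pass-all"], "?": ["spf-neutral-all"],
            "~": ["spf-softfail-all"], "-": []}[qualifier]

if __name__ == "__main__":
    # Constructed records: a weak setting beside an enforced one.
    for rec in ("v=DMARC1; p=none; rua=mailto:dmarc@sme.example",
                "v=DMARC1; p=reject"):
        print(rec, "->", audit_dmarc(rec))
    for rec in ("v=spf1 include:_spf.mailhost.example ~all",
                "v=spf1 include:_spf.mailhost.example -all"):
        print(rec, "->", audit_spf(rec))
```

A softfail (`~all`) finding is a prompt for review rather than an error; many domains pair it with an enforcing DMARC policy.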
Business Controls Are Equally Important
Many successful BEC attacks bypass technical defenses entirely.
Simple business procedures are often more effective than expensive security products.
Recommended controls include:
- Two-person approval for large payments
- Telephone verification of new bank account details
- Approval limits based on payment amount
- Documented payment procedures
- Regular review of supplier information
A five-minute verification call can prevent substantial financial losses.
Employee Awareness Matters
Finance staff, executives, HR teams, and purchasing departments are common targets.
Employees should know:
- How BEC attacks work
- How attackers create urgency
- Why requests should always be verified
- How to report suspicious emails
Regular awareness training significantly reduces successful attacks.
What To Do If You Suspect a BEC Attack
If a suspicious payment request is received:
- Do not transfer money.
- Verify the request using a trusted communication channel.
- Report the incident internally.
- Preserve the original email.
- Inform your IT provider or security team.
If a fraudulent payment has already been made:
- Contact your bank immediately.
- Report the incident to law enforcement.
- Investigate whether any accounts have been compromised.
- Review email security settings.
- Assess whether personal data has been exposed.
Fast action increases the chances of recovering transferred funds.
Business Email Compromise vs. Phishing
Although related, these attacks differ in important ways.
| Phishing | Business Email Compromise |
|---|---|
| Usually targets many people | Targets specific individuals |
| Often delivers malware | Usually relies on social engineering |
| Goal is credential theft | Goal is financial fraud |
| Automated campaigns | Carefully planned attacks |
BEC often begins with phishing but focuses on financial manipulation rather than malware.
A Practical Checklist for Swiss SMEs
Review your organization against the following questions:
- Is MFA enabled for all business email accounts?
- Are payment changes verified by phone?
- Do large payments require two approvals?
- Are finance employees trained to recognize BEC?
- Are email authentication standards (SPF, DKIM, DMARC) configured?
- Are password managers used for business accounts?
- Is there an incident response procedure for financial fraud?
If several answers are “No”, improving these areas should be a priority.
Related Security Topics
Business Email Compromise is closely connected to other areas of cybersecurity.
You may also be interested in:
- Email and identity protection
- Password management
- Access management
- Phishing prevention
- Incident response
- Backup and business continuity
Together, these controls provide layered protection against modern email-based attacks.
Final Thoughts
Business Email Compromise is not a technical problem alone—it is a business risk.
Swiss SMEs can significantly reduce their exposure by combining:
- Strong identity protection
- Secure email authentication
- Well-defined payment procedures
- Employee awareness
- Clear incident response plans
Most BEC attacks succeed because criminals exploit trust rather than technology. By introducing simple verification processes and strengthening email security, SMEs can prevent many of the attacks that lead to financial loss.
Cybersecurity is not only about protecting systems—it is also about protecting business decisions.