Did you know: 60 percent of the business email compromise (BEC) attack are hard to detect because they don’t involve a malicious link.

• They are intended to start a conversation with the recipient — and eventually persuade the target to authorize a wire transfer or send sensitive information.
• 46.9 percent of attacks tried to initiate a wire transfer, while 40.1 percent pushed victims to click on a malicious link
• (Big surprise) Almost half of the impersonated roles and more than half of targets are not of ‘sensitive’ positions. 

https://threatpost.com/threatlist-60-of-bec-attacks-fly-under-the-radar/137156/