'Dual-channel' attacks are the new face of BEC in 2026 | Computer Weekly

'Dual-channel' attacks are the new face of BEC in 2026 | Computer Weekly

Briefly

"So-called 'dual-channel' attacks using multiple methods of communication either simultaneously or in sequence are becoming more prevalent as digital fraudsters seek out new ways to defeat cyber protections against business email compromise (BEC) scams, according to new data from security services supplier LevelBlue. BEC attacks - which spoof trusted entities, often c-suite executives, then use their identities to convince victims to transfer money into the attackers' pockets - have long been a bugbear for enterprise defenders."

"[BEC] continues to be one of the costliest cyber attacks as reported by the FBI's IC3, with over $2.7bn (£2bn) in adjusted losses in 2024 alone, wrote LevelBlue researcher Katrina Udquin. BEC attacks are not slowing down, and fraudsters continue to evolve their scamming techniques and arsenal, she said. According to LevelBlue, last year its systems observed a significant increase in BEC attacks in which the initial lure was a request for contact, seeking to establish the potential victim's mobile number or personal email address."

"Such request for contact lures are very often a precursor to a dual-channel attack seeking to move the conversation to an alternative platform. LevelBlue's systems tallied over 5,000 unique dual-channel attacks in 2025, and found that in 66% of them, the cyber fraudsters tried to move the conversation to traditional SMS messaging, in 32% of cases to messaging applications such as WhatsApp."