While headlines often feature enormous data breaches and large-scale infrastructure attacks through malware such as ransomware, another kind of cyber attack has been on the rise – sophisticated instances of social engineering known as business email compromise. In this article, we cover the trends and preventative measures for BEC attacks that were discussed by three members of EY’s Forensic & Integrity Services team at a recent webinar. “What we’re seeing in general around cyber attacks is that cyber criminals have moved away from targeting infrastructure alone,” said U.K. partner Ryan Rubin. “They’ve been very successful in targeting individuals and people within organizations. We suspect this might be the number one type of attack in 2018 that people will refer back to, rather than very complex cyberattacks that we also do see in the news.” See also “Multimillion-Dollar Scheme Serves As Backdrop for Lessons on Preventing and Mitigating Phishing Attacks” (Apr. 5, 2017).