--- title: "Something New: The Dual Impersonation Business Email Compromise Scam | Phish Protection" description: "Something New: The Dual Impersonation Business Email Compromise Scam: As far as phishing emails go, business email compromise BEC are amongst the most." image: "https://phishprotection.com/og/blog/something-new-the-dual-impersonation-business-email-compromise-scam.png" canonical: "https://phishprotection.com/blog/something-new-the-dual-impersonation-business-email-compromise-scam/" --- Quick Answer According to the article, "the initial emails detail a supposed acquisition of an Asian company, which the person receiving the email is told is both time-sensitive and secret, so shouldn't be discussed with anyone else." But here's where things get clever. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fsomething-new-the-dual-impersonation-business-email-compromise-scam%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Something%20New%3A%20The%20Dual%20Impersonation%20Business%20Email%20Compromise%20Scam&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fsomething-new-the-dual-impersonation-business-email-compromise-scam%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fsomething-new-the-dual-impersonation-business-email-compromise-scam%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fsomething-new-the-dual-impersonation-business-email-compromise-scam%2F&title=Something%20New%3A%20The%20Dual%20Impersonation%20Business%20Email%20Compromise%20Scam "Share on Reddit") [ ](mailto:?subject=Something%20New%3A%20The%20Dual%20Impersonation%20Business%20Email%20Compromise%20Scam&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fsomething-new-the-dual-impersonation-business-email-compromise-scam%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/07/phishing-prevention-tips-7865.jpg) _As far as phishing emails go, business email compromise (BEC) are amongst the most sophisticated_. In [BEC](https://en.wikipedia.org/wiki/Business%5Femail%5Fcompromise), “typically an attack targets specific employee roles within an organization by sending a **spoof email** which fraudulently represents a senior colleague (CEO or similar) or a trusted customer.” _BEC attacks take time and planning and patience_. After all, the attackers are attempting to impersonate a real person, so they have to be very convincing. Now word comes from [ZDNet](https://www.zdnet.com/article/phishing-attacks-this-sophisticated-new-group-has-been-operating-undiscovered-for-at-least-a-year/) of a sophisticated new group of Russian hackers targeting big companies around the world with [BEC phishing emails](/blog/is-this-the-most-successful-business-email-compromise-of-all-time/). Their clever new twist? They’re attempting to impersonate two people. According to the article, “the initial emails detail a supposed acquisition of an Asian company, which the person receiving the email is told is both time-sensitive and secret, so shouldn’t be discussed with anyone else.” But here’s where things get clever. “_Following the initial email, the ‘CEO’ then CCs in a lawyer to help complete the financial transaction_. The emails from law firms \[are\] almost entirely based on real practices in the UK. It’s after the ‘lawyer’ is involved that the attack finally **attempts to coerce** the victim into transferring the hundreds of thousands, sometimes millions, of dollars supposedly required for the acquisition that are directed to mule accounts in Hong Kong and then into the hands of the cyber criminals.” If you’ve been paying attention, first the hackers impersonate someone reaching out to the CEO about a company acquisition, then they impersonate their lawyer reaching out to them to complete the deal. _That’s quite a bit of impersonating and it doesn’t happen very often_, “It is very rare for a BEC group to use a dual impersonation scheme, which _demonstrates the amount of additional effort \[they’re\] willing to put into their attacks to make them more realistic_.” _It’s hard enough to defend yourself against a well-crafted BEC scam impersonating one person_. How are you supposed to defend yourself against dual impersonation? The same way. _With cloud-based **real-time email security** designed to sniff out ALL phishing emails_. ![Phishing prevention tips](https://media.mailhop.org/phishprotection/images/2020/07/phishing-prevention-tips-7865.jpg) It really doesn’t matter if it’s one spoofed email or a dozen, the same technology can be used to stop both. Technology like that available from [Phish Protection](/). _Phish Protection protects against all the techniques required to make BEC successful_. Techniques like domain name spoofing, display name spoofing and malicious attachments. Phish Protection also comes with **real-time link click protection** to stop the most sophisticated **phishing attacks** today: time-delayed phishing attacks. If you’re worried about BEC or any other type of phishing attack, check out Phish Protection. _It works with all major email providers, sets up in 10 minutes and costs just pennies per user per month_. Try it **free for 60 days**. ## Topics [ Phishing ](/tags/phishing/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Foundational 5m 0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[ Foundational 4m 13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[ Foundational 4m All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[ Foundational 4m 2021 Phishing Trends You Need To Be Wary Of Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Something New: The Dual Impersonation Business Email Compromise Scam","description":"Something New: The Dual Impersonation Business Email Compromise Scam: As far as phishing emails go, business email compromise BEC are amongst the most.","url":"https://phishprotection.com/blog/something-new-the-dual-impersonation-business-email-compromise-scam/","datePublished":"2020-07-16T11:36:47.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-07-16T11:36:47.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/something-new-the-dual-impersonation-business-email-compromise-scam/"},"articleSection":"foundational","keywords":"Phishing","wordCount":460,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/07/phishing-prevention-tips-7865.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"Something New: The Dual Impersonation Business Email Compromise Scam","item":"https://phishprotection.com/blog/something-new-the-dual-impersonation-business-email-compromise-scam/"}]} ```