Business email compromise (BEC) attacks are one of the most financially damaging cyber crimes and have been on the rise over the past year. Spoofed email accounts or websites were the most experienced form of a BEC attack. This is followed by spear phishing (69%) and malware (24%) The majority of organizations operating on a fully remote or hybrid work schedule, the floodgates for cybercriminals have been opened. Remote employees and finance departments hardest hit by BEC attacks.
Source: https://www.helpnetsecurity.com/2021/06/25/bec-attacks-past-year/