中文摘要：

商務電子郵件詐騙（Business Email Compromise，簡稱BEC）利用商
業往來雙方之信賴，以電子郵件方式施行詐術，進而取得財物，受害之企業
人數及金額為數甚多，部分企業因為受詐騙而隱忍，不願意報案，導致實際
上受害之人數可能更多，凡此均形成社會之隱形成本，因此透過蒐集BEC 及
社交工程之資料，對於受騙個案進行根本原因分析，提出改善之方案供其他
企業參考或預防。
本研究針對受害公司，記錄事發之過程，並對事件發生之原因加以探討，
使用特性要因圖（即魚骨圖）之方式作為根本原因分析工具，發現根本原因
主要在於流程部分以及人員方面，並據此提出改善建議。

英文摘要：

Business Email Compromise (BEC) takes advantage of trust between both
parties in business dealings, obtaining money from business through deceptive
emails. The number and amount of the victims are very large. Some victim
companies are forbearance and unwilling to report to the aurhorities. BEC cases
may actually result in more people being victimized, and all this constitutes the hidden cost of society. Therefore, by collecting BEC and social engineering data, the root cause analysis of the fraud cases is conducted, and improvement plans are proposed for other companies to refer to or prevent.
This research aims at the victim company, records the process of the
incident, and explores the cause of the incident. Using the cause-and-effect
diagram (fishbone diagram) as a root cause analysis tool, it is found that the root cause is mainly in the process part and the personnel. Based on this, suggestions for improvement are put forward.

文章連結：

https://hdl.handle.net/11296/729ync

資料來源：

臺灣博碩士論文知識加值系統