In relation to BEC. BEC uses the High Profile Users to determine what accounts are applied extra BEC analysis. BEC is an extra layer of SPAM analysis that contains additional engines and features such as 'Writing Style Analysis' and is specifically designed to protect a specific user base of High Profile Users. The High Profile Users list gets an extra level of protection and due to the overheads involved it is limited to I believe 200 users.
Below is the documentation available in the online Help related to BEC and High Profile Users.
In relation to general prevention of spoofing that is not necessarily a BEC function (although as the developers advised us BEC analysis does as part of its solution take account of SPF settings). Anti-spoofing for the general user is more designed around implementing technologies such as SPF, DKIM and DMARC.
Below is the documentation available in the online Help related to Domain-based Authentication.
There is a very good section in the Best Practice Guide that deals specifically with addressing spoofed emails that are worth taking note of. See section 3.3 'Spoofed E-mail Protection' which is quite comprehensive in talking about SPF,DKIM and DMARC as well as implementing policies.