
    The Current State of Business Email Compromise Attacks

    Business Email Compromise (BEC) poses a growing threat to businesses of all sizes. According to the Verizon DBIR, BEC attacks have almost doubled across the entire incident dataset and represent more than 50% of incidents within the social engineering pattern.

    Attackers use various tactics to access sensitive information, such as email account compromise and using a legitimate email address to initiate the attack.

    BEC attacks can occur in various ways, using a variety of methods. But what makes them different, and arguably more dangerous, is that they are driven by intent. BEC attacks target specific individuals within organizations, and their messages are often personalized to the intended victim.

    These strategies include spoofing an existing email address or website, or spearphishing (emails that appear to come from trusted sources). Read on to learn how these attacks work and how to protect yourself against them.

    Recognizing a Business Email Compromise Attack

    Running a business is complex, and with so many moving parts, attackers can attempt different angles, targeting C-level executives, shipping departments, billing, or IT.

    Both internal and external threats can occur, but 83% of breaches involved external actors with financial motives. With that in mind, it’s best to explore several real-world attacks to learn from.

    CEO Fraud

    This type of attack involves a threat actor impersonating a C-suite individual, such as the CEO or CFO of a company. The attacker would then email an individual in the finance department requesting a fund transfer.

    The transferred funds would be directed to an account controlled by the attacker.

    To make the attack more effective, the threat actor may have researched their targets and attempted to match their language, terminology, style, and email address as closely as possible.

    If the target does not pay attention, they may fall for the ruse and transfer the funds.

    Account Compromise

    In a more insidious attack, an attacker may compromise an existing employee’s email account from the inside. With access to this compromised account, the attacker can then request payments to vendors that are accounts controlled by the attacker.

    For instance, Joe in the purchasing department could have his account compromised. His email could then send numerous requests to billing that look like standard payment requests to vendors, usually for smaller amounts.

    Since the request comes from a trusted account, billing may not scrutinize it closely and may pay the vendor. Additionally, larger companies may lack the resources to audit every request, so many fraudulent requests go unnoticed.

    False Invoice Scheme

    An attacker may email a company requesting payment of an invoice, insisting that it is overdue for services rendered.

    An overworked billing department may not think twice about paying it, especially if the email and invoice look legitimate and mimic those of prior vendors.

    In addition, an attached PDF may contain malware, allowing for an account compromise attack.

    Data Theft

    A typical attack targeting human resource employees involves data theft. The objective is to gather personal and sensitive information about individuals in positions of power for reconnaissance purposes.

    With this information, an attacker can launch more sophisticated schemes, such as CEO Fraud, by leveraging the intimate details they have acquired to make their emails seem more believable.

    The Danger of Business Email Compromise Attacks

    As more and more business moves online, Business Email Compromise (BEC) attacks will become increasingly common and challenging to detect.

    But, with proper education and vigilance on the part of employees, paired with a robust password policy such as one offered by Specops Password Policy, these attacks can be mitigated.

    Organizations want to avoid being on the receiving end of such an attack, especially one that can result in a huge financial loss, as 95% of all breaches are financially driven.

    By learning about the types of attacks and taking preventative measures, you can ensure your business is better protected.

    With thanks to Bleeping Computer and SpecOps Software. The full story is here: https://www.bleepingcomputer.com/news/security/the-current-state-of-business-email-compromise-attacks/

    Get Your CEO Fraud Prevention Manual

    CEO fraud has ruined the careers of many executives and loyal employees, causing over $26 billion in losses. Don’t be the next victim. This manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:

    https://info.knowbe4.com/ceo-fraud-prevention-manual-partner?partnerid=001a000001lWEoJAAW
