Beware Of Business Email Compromise (BEC) Attack
There was a time when only a handful of accounts were hacked; that number gradually grew into the thousands and millions. Now cybercriminals are targeting large organizations in order to steal funds and valuable data. This has been going on for a while, resulting in losses of billions of dollars, and that figure is expected to grow rapidly rather than come down.
To target companies, cybercriminals use Business Email Compromise (BEC) scams, in which they pose as the owner of a legitimate email account in order to defraud the organization.
What Is Business Email Compromise (BEC)?
BEC, also known as a ‘man-in-the-email attack’, is a compromise in which threat actors gain access to a particular organization’s email account and impersonate its owner. The goal is to illegally obtain money from the organization and its partners, employees and clients through fraudulent means such as scam emails or malicious ads.
How Does Business Email Compromise (BEC) Work?
In BEC, the actors create an email account with an address similar to the organization’s own, on the same hosted network, so that the target trusts messages coming from it. The companies most affected by BEC are those that use wire transfers to pay international clients.
Attackers use various combinations of techniques to trick their victims; the most common involves gaining access to an organization’s network through a spear-phishing attack combined with some form of malware.
A bogus email, appearing to come from a trusted vendor, is sent to an employee requesting an immediate wire transfer. The employee transfers the money, unaware that the account number it is sent to has already been altered by the attackers; the substituted account is controlled by the perpetrators.
If the attackers remain undetected for a period, they study everything about the organization, from its vendors to its billing systems, as well as its employees and customers. And if they remain undetected for a long time, it becomes almost impossible to recover the stolen amount because of the various laundering techniques they use.
Techniques Used For Business Email Compromise (BEC)
Here are some of the common techniques attackers use in a business email compromise attack:
Spoofed email accounts and websites: Small changes are made to a legitimate account address in order to trick targets. For example, legitimate account – email@example.com, hoax account – firstname.lastname@example.org.
Spear-phishing: Sending targeted fake emails that pressure victims into revealing confidential and financial data to the attackers. These emails are made to look as though they were sent by a trusted user.
Malware: Attackers use malware to get into networks and domains and get their hands on sensitive data and information from the victim’s systems.
How To Stay Safe From BEC?
There are several ways to stay safe from Business Email Compromise (BEC). Common defensive measures include:
1. Intrusion Detection System Rules
Deploy a system that flags emails sent from domains (email extensions) that closely resemble the organization’s own email domain.
2. Email Rules
Flag emails whose ‘Reply-To’ address differs from the ‘From’ address.
3. Color Coding
Emails from employees and customers are displayed in one color and emails from external or unverified accounts in another, which also helps in spotting bogus emails.
4. Payment Verification
Make sure that your organization uses a secure payment gateway and follows a two-factor authentication process.
5. Confirmation Requests
Every time a transaction is made, a confirmation request should be sent to the person transferring the amount, as a second verification step.
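As an added illustration of measures 1 and 2 above (example code written for this page, not part of the original article), the following Python script checks a raw message for a sender domain that imitates the organization’s own and for a Reply-To address that points to a different domain than the From address. The organization domain example.com and the sample messages are assumed and constructed for the demonstration.

```python
import email
from email.utils import parseaddr

# Assumed organization domain for this example (not from the original article).
ORG_DOMAIN = "example.com"

def domain_of(header_value):
    """Return the lower-cased domain part of an address header, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-character lookalike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def is_lookalike(domain, org_domain=ORG_DOMAIN):
    """True for near-misses of the org domain: a couple of edits away (examp1e.com) or same label, other TLD (example.org)."""
    if not domain or domain == org_domain:
        return False
    same_label = domain.split(".")[0] == org_domain.split(".")[0]
    return same_label or edit_distance(domain, org_domain) <= 2

def check_message(raw, org_domain=ORG_DOMAIN):
    """Return the list of BEC indicators found in one raw RFC 822 message."""
    msg = email.message_from_string(raw)
    findings = []
    from_dom = domain_of(msg.get("From"))
    reply_to = msg.get("Reply-To")
    # Measure 2 from the article: Reply-To pointing somewhere other than the From domain.
    if reply_to and domain_of(reply_to) != from_dom:
        findings.append("reply-to-mismatch")
    # Measure 1 from the article: sender domain that imitates the organization's own.
    if is_lookalike(from_dom, org_domain):
        findings.append("lookalike-domain")
    return findings

# Constructed sample messages (not real traffic).
LOOKALIKE_MSG = "From: CFO <cfo@examp1e.com>\nTo: ap@example.com\nSubject: Urgent wire\n\nPlease send today.\n"
REPLYTO_MSG = "From: Billing <billing@example.com>\nReply-To: billing@vendor-invoices.net\nSubject: New bank details\n\nSee attached.\n"
CLEAN_MSG = "From: colleague@example.com\nSubject: Lunch\n\nNoon?\n"

if __name__ == "__main__":
    print(check_message(LOOKALIKE_MSG), check_message(REPLYTO_MSG), check_message(CLEAN_MSG))
```

A real deployment would run these checks in the mail gateway or transport rules rather than on saved messages, and would extend the lookalike list with the organization’s partner domains as well.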