Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
How to prevent business email compromise attacks
#1
[Image: large.jpg]

Quote:Business email compromise (BEC) scams are low-tech attacks that use social engineering techniques to exploit natural human tendencies.

While they may not get as much attention from the press as high-profile ransomware attacks, BEC scams are considered one of the biggest threats facing companies today. Between June 2016 and July 2019, there were 32,367 successful BEC scams in the U.S., which cost U.S. businesses more than $3.5 billion, according to figures from the FBI.

Fortunately, there are some very effective and easy-to-implement strategies for stopping BEC attacks. In this post, we’ll show you how you can combine staff training, process implementation and authentication technology to protect your organization from BEC attacks.

What is business email compromise?
A BEC attack is a sophisticated scam that targets businesses and individuals who perform wire transfer payments.


Quote:Unlike regular email scams that are distributed to thousands or millions of users, BEC attacks are carefully planned and highly targeted.

A typical BEC scam involves an attacker gaining access to the email account of a C-suite executive via a phishing campaign, malware infection, password leak or brute force attack. The attacker monitors the compromised email account to learn the victim’s communication habits and gain a thorough understanding of the company’s routine processes and procedures.

Once the attacker has carried out their surveillance, they send an urgently worded email to a target, instructing the recipient to carry out an important request.

What makes the scam so convincing is the fact that the email is sent through legitimate communication channels and appears to be from a familiar and trusted business contact. The target often feels inclined to quickly process the request without question when the email appears to be sent from the target’s boss or boss’ boss.

Monetary gain is usually the primary goal of a BEC scam. Victims are deceived into believing they’re performing a regular transaction, when in reality they are transferring large sums of money directly into the bank account of the scammers.

In other cases, attackers may use BEC scams to extract employees’ personally identifiable information, which can be used in future attacks or sold on the black market.


Continue reading HERE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  How Do Hackers Hack Phones and How Can I Prevent It? mrtrout 0 457 06-02-2024 , 04:20 PM
Last Post: mrtrout
  DDoS attacks hit multiple email providers mrtrout 0 1,303 10-23-2021 , 09:03 AM
Last Post: mrtrout
  Here’s the Netflix account compromise Bugcrowd doesn’t want you to know about sidemoon 0 1,487 03-20-2020 , 07:17 PM
Last Post: sidemoon
  Rare Steganography Hack Can Compromise Fully Patched Websites tarekma7 0 1,646 07-31-2019 , 12:31 AM
Last Post: tarekma7
Exclamation Supply chain compromise: Adding undetectable hardware Trojans to integrated circuits Mohammad.Poorya 0 1,808 12-11-2018 , 10:26 AM
Last Post: Mohammad.Poorya



Users browsing this thread: 1 Guest(s)