rubysimmons63

Business Email Compromise Attacks

Some government institutions and medical facilities that wanted to buy equipment have unknowingly transferred money to hackers, only to find out later that the equipment they ordered never existed and their money was gone.



Also, in 2019, a group of attackers infiltrated and monitored Office 365 accounts at three financial organizations. After registering fake domains for these companies and for their partners, accountants, and banks, the criminals redirected certain emails through these fake domains. Using this "man-in-the-middle" approach, the group behind the attack managed to request and receive transfers worth more than $1.2 million.


BEC campaigns usually use three different methods to pose as legitimate email accounts:


First, the attacker spoofs the sender's email address, which is easy to do because the SMTP protocol does not offer an effective way to validate the sender. Hackers use their own or public SMTP servers to send emails with forged addresses.


Second, the attackers register and send emails from domain names that look like the real domain they want to imitate. For example, they may register a domain that differs from the legitimate example.com by only a character or two.



Third, the attacker uses phishing techniques to take control of the email account of the person they want to impersonate. They can then send emails from the real account, which lends legitimacy to their requests and makes it easier to ask for and receive money.


Stopping BEC attacks

First, train your staff regularly about modern fraud techniques like BEC. The best training is short, frequent, and focused. Organizations need to retrain continuously and keep the security awareness message front and center through several channels, including bulletins, web pages, online lessons, webinars, or presentations.

Every time an irreversible action such as a money transfer is initiated, the transaction details must be verified through an additional channel such as a voice call, and should never rely exclusively on email correspondence.


Review existing protocols and the separation of duties for financial operations, and add further controls if necessary. Remember that separation of duties and other protections can be undermined by an insider threat, so risk reviews may need to be re-examined too.


Create new policies for "out of band" transactions and urgent executive requests. An email from a coworker's personal Gmail or Yahoo account should automatically raise a red flag for staff members, but they need to understand the latest techniques deployed by hackers. You need an official emergency procedure that is well understood by all team members.


Review and test your incident management and spam reporting systems. Also, test your staff with simulated incident scenarios.


Protect your email traffic with an advanced email security layer. Make sure the email security solution you use blocks advanced phishing attacks like BEC. A decent email protection solution will prevent the attack from ever reaching the employee's mailbox.

Protect mobile browsers and endpoints with capable cybersecurity solutions, including ones that block phishing websites.


Check the full email address in any message, and be alert to links whose domain is a misspelling of the original domain name.


Regularly monitor financial accounts for suspicious transactions.


Use two-factor authentication whenever you log in to your main applications.


Do not enter credentials or provide personal information in response to an email.
