Understanding Business Email Compromise Attacks and What We Can Do to Prevent Them

    Nov 29, 2019 11:00:00 AM Keeran Networks Business Email Compromise

    Business Email Compromise (BEC) is yet another social engineering technique that exploits human tendencies rather than software flaws, and it is costing businesses heavily at scale. The attackers send fraudulent emails to employees of the targeted firm and ask them to make unauthorized bank transfers.

    Funds are not the only target: the attackers also harvest personally identifiable information that can be reused in other scams.

    Firms that try to recover their losses through a cyber insurance policy face a further difficulty: getting this kind of fraud covered is often hard.

    Unlike many cyber-attacks, BEC rarely depends on a technical failure or a break-in to your systems. It succeeds by exploiting people and weak security procedures.

    Understanding Business Email Compromise Attacks

    Regular email scams are blasted out to millions of users; BEC attacks are carefully planned and highly targeted.

    The attacker may first gain access to the email account of a C-suite executive via a phishing campaign, a malware infection, a leaked password, and so on. The compromised account lets the attacker learn the victim's communication habits and understand the company's routine processes and procedures, including how payments are requested and approved.

    After this period of surveillance, the attacker sends an urgently worded email to the target instructing them to carry out a critical request, typically a payment to a bank account the attacker controls.

    What makes this so convincing? The email arrives through normal communication channels, often from a genuine but compromised mailbox or from an address crafted to look like one. It appears to come from a familiar and trusted business contact, and the target feels obliged to process the request quickly.

    Victims believe they are performing a routine transaction. In reality, they are sending a large sum of money directly to an account controlled by the scammers.

    How to Prevent Business Email Compromise Attacks?

    Defending against BEC requires a layered approach with multiple checks and controls. Three components belong in it: staff training, company policy (for example, out-of-band verification of any new or changed payment instructions) and email authentication technology (SPF, DKIM and DMARC for your domains).

    Training Your Staff

    A company's employees are the most important line of defence against BEC attacks. Training staff to recognize the signs of a scam goes a long way toward reducing the risk of compromise and preventing fraud.

    While BEC attacks tend to focus on the C-suite and other higher-ups with financial authority, the initial point of entry can be anyone's mailbox. That makes regular training for all staff on how to identify and respond to BEC attempts especially important.

    Preventing Initial Access to a Corporate Email Account

    Most BEC scams start with the attacker either taking over a company mailbox or convincingly impersonating one. Blocking that initial step avoids many attacks outright. Here are the common methods attackers use to gain access to, or impersonate, corporate email accounts:

    Domain Name Spoofing: forging the sender's address so that the email appears to come from your own domain or from a trusted partner's. Publishing SPF, DKIM and DMARC records for your domains, and enforcing DMARC on inbound mail, lets receiving servers reject most forged From addresses. A manual check that still helps: view the message headers and locate the "Reply-To" field. If it differs from the From address, any reply (and any payment details sent in it) goes to someone other than the apparent sender, which is a BEC warning sign. Some legitimate mailing and ticketing systems also set a different Reply-To, so treat it as a signal to verify, not proof.

    Display Name Spoofing: the attacker sends from an account they control (a free webmail address or a lookalike domain) but sets the display name to that of a trusted person within the company, hoping the recipient looks no further. SPF, DKIM and DMARC authenticate the sending domain, not the display name, so they do not catch this; the practical control is to train staff to check the actual sender address, especially on mobile clients that hide it by default.

    Phishing: traditional phishing remains a common way of gaining initial access to an email account. Staff should remain vigilant about emails that create a sense of urgency. Phishing emails are usually worded with psychological triggers and demand immediate action. Common examples of phishing subject lines are "Password check required immediately", "Urgent press release to all employees" and "You have a new voicemail".
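    The checks described above (Reply-To versus From, a trusted display name on the wrong address, a lookalike domain, missing DMARC pass, urgency language) can be scripted as a first-pass triage over a raw message. The following Python is an added example written for this page, not code from Keeran Networks; the internal domain, the directory of known senders and the sample message are all constructed assumptions.

```python
import email
import re
from email.utils import parseaddr

# Assumed internal domain and a small directory of people whose names an
# attacker would borrow (both hypothetical).
INTERNAL_DOMAIN = "example-corp.com"
KNOWN_SENDERS = {"jane doe": "jane.doe@example-corp.com"}

URGENCY_WORDS = ("urgent", "immediately", "today", "confidential", "wire")

# Digits that pass for letters in common fonts: examp1e -> example.
CONFUSABLES = str.maketrans("015", "ols")

# Constructed sample: a familiar name on a lookalike domain, a Reply-To that
# goes elsewhere, no DMARC pass, and an urgent payment request.
SAMPLE_EMAIL = """\
From: "Jane Doe, CEO" <jane.doe@examp1e-corp.com>
Reply-To: jane.doe.ceo@mail-example.net
To: accounts@example-corp.com
Subject: URGENT wire transfer needed today
Authentication-Results: mx.example-corp.com; spf=pass smtp.mailfrom=examp1e-corp.com; dkim=none; dmarc=none
Date: Fri, 29 Nov 2019 11:00:00 +0000

Hi, please process the attached invoice before 3pm. Keep this confidential.
"""


def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def normalize_name(display_name):
    # "Jane Doe, CEO" -> "jane doe": drop titles after a comma, keep letters only.
    return " ".join(re.findall(r"[a-z]+", display_name.split(",")[0].lower()))


def edit_distance(a, b):
    # Plain Levenshtein distance; small enough for domain names.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain, reference):
    if not domain or domain == reference:
        return False
    return domain.translate(CONFUSABLES) == reference or edit_distance(domain, reference) <= 1


def analyze(raw_message):
    """Return a list of (code, detail) findings; an empty list means nothing flagged."""
    msg = email.message_from_string(raw_message)
    findings = []
    from_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_addr, reply_addr = from_addr.lower(), reply_addr.lower()
    from_domain = domain_of(from_addr)

    # Reply-To differs from From: replies (and payment details) go elsewhere.
    if reply_addr and reply_addr != from_addr:
        findings.append(("reply-to-mismatch", f"From {from_addr} but replies go to {reply_addr}"))

    # Display name belongs to someone in the directory, but the address is not theirs.
    expected = KNOWN_SENDERS.get(normalize_name(from_name))
    if expected and from_addr != expected:
        findings.append(("display-name-spoof", f"'{from_name}' is normally {expected}, not {from_addr}"))

    # Sender domain resembles ours without being ours.
    if from_domain != INTERNAL_DOMAIN and is_lookalike(from_domain, INTERNAL_DOMAIN):
        findings.append(("lookalike-domain", f"{from_domain} resembles {INTERNAL_DOMAIN}"))

    # The receiving server's Authentication-Results header did not record dmarc=pass.
    match = re.search(r"\bdmarc=(\w+)", msg.get("Authentication-Results", ""))
    if not match or match.group(1).lower() != "pass":
        findings.append(("no-dmarc-pass", f"dmarc={match.group(1) if match else 'absent'}"))

    # Two or more pressure words across subject and body.
    text = (msg.get("Subject", "") + " " + msg.get_payload()).lower()
    hits = sorted(w for w in URGENCY_WORDS if w in text)
    if len(hits) >= 2:
        findings.append(("urgency-language", ", ".join(hits)))
    return findings


if __name__ == "__main__":
    for code, detail in analyze(SAMPLE_EMAIL):
        print(f"{code:20} {detail}")
```

    Each finding on its own is a weak signal (a different Reply-To is normal for newsletters and ticketing systems), so the output is meant to prioritise which messages a person verifies out of band, not to block mail automatically.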

    BEC attacks are one of the biggest cybersecurity concerns for organizations today. Scammers usually impersonate people in positions of authority to gain a psychological advantage over their targets. Encourage your employees to pause and check whether a request is out of the ordinary, and to verify payment instructions through a channel other than the email itself. It is all about fostering a proactive attitude towards security.

    Need to consult with leading cybersecurity advisors? Get in touch with the Keeran Networks team today.



    Written by Keeran Networks