The Evolving Threat of BEC Attacks
Business Email Compromise (BEC), also known as CEO fraud, is a targeted, skillfully crafted, and rapidly growing cybersecurity threat that involves social engineering techniques (mostly email scams) to trick victims into transferring funds or revealing sensitive data, such as company secrets.
According to the 2020 Internet Crime Report released by the FBI’s Internet Crime Complaint Center (IC3), 19,369 BEC complaints were registered that year, inflicting $1.8 billion in losses in the US.
What is the Aim of BEC?
A BEC attack aims to deceive a company’s employees into thinking that they have received a legitimate business-related email, and to convince them to do something that they believe is necessary or beneficial for their company.
Is it possible for an employee to ignore an email sent by his or her boss? Scammers are betting that no one will. That is why these fraudsters are so good at mimicking corporate executives. The FBI reported that these cyber-thugs spoof messages from the “boss” to trick people working in the company into sending money at their request; as a result, organizations have suffered some $2.3 billion in losses due to this one scam.
Cyber-criminals behave like your boss. They might ask how your recent vacation went, congratulate you on your new promotion, or inform you about salary incentives, when in fact they are hackers who want to learn your company’s secrets or steal its funds. They exploit the fact that most employees openly share information about themselves and their colleagues on social media platforms, which effectively gives these thieves everything they need to appear to be the real deal.
What Is the Potential Impact of BEC Attacks?
The finance departments of organizations are the most vulnerable to BEC attacks, because scammers often send seemingly legitimate requests to finance staff to transfer funds.
In the event of a compromise, organizations can suffer financial losses, reputational damage, and compliance issues, all of which make it difficult for the affected company to survive and thrive in a competitive industry. The result can be serious losses, significant production delays, or a complete standstill of the business, potentially leading to bankruptcy.
Remedies: How Can BEC Attacks Be Prevented?
Traditional security tools are ineffective against BEC attacks because social engineering techniques capitalize on human error rather than technical flaws. For this reason, the role of employees in avoiding BEC attacks is crucial.
- According to Jed Kafetz, head of penetration testing at Redscan, “Employees working in finance departments still tend to be at the greatest risk of being targeted by BEC attacks, but attacks against IT, HR and sales teams are also increasingly common.” Organizations must train their finance-related employees to thwart BEC attacks.
- Be wary of emails that convey sudden urgency or time-sensitive demands. The FBI warns that phrases like “urgent wire transfer” or “urgent invoice payment” are used for fraudulent purposes.
- Be wary of emails that contain awkward wording and misspellings. Bad grammar and typos in emails are always suspicious.
- Be alert to gift-card and tax scams.
- Use Two-Factor Authentication (2FA) for your business email account.
- According to Adrien Gendre, chief solution architect at Vade Secure, enterprises must formulate policies for verifying emails that involve sensitive requests. For example, confirm a request by phone call before transferring any money.
- Deploy a phishing simulation program along with robust training to teach employees how to avert BEC attacks, including phishing scams.
- Deploy email spam filters to detect suspicious emails. You can use SolarWinds, SpamTitan, SPAM fighter, Comodo Dome Antispam, and Symantec Mail Security for Microsoft Exchange.
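The cues listed above can be combined into a simple mail-triage check. The following Python script is an added example, not code from the article or from any vendor it names; the corporate domain, executive roster and the two sample messages are constructed assumptions. It flags an executive’s display name on a non-roster address, a lookalike sender domain, a rerouted Reply-To, the FBI’s urgency phrases and a payment request, and marks a message for out-of-band verification only when an identity anomaly coincides with a money request.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Hypothetical corporate domain and executive roster; constructed for this example.
CORP_DOMAIN = "example-corp.com"
EXECUTIVES = {"jane doe": "jane.doe@example-corp.com"}
# Urgency phrases the FBI cites, plus common money and banking terms.
URGENCY = re.compile(r"urgent wire transfer|urgent invoice payment|\burgent\b|right away|immediately", re.I)
PAYMENT = re.compile(r"wire transfer|invoice payment|gift card|bank details|account number", re.I)

def analyze_message(raw: str) -> dict:
    """Parse one RFC 5322 message and return the BEC indicators it triggers."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    from_domain = addr.rpartition("@")[2].lower()
    reply_domain = reply_to.rpartition("@")[2].lower()
    part = msg.get_body(preferencelist=("plain",))
    text = str(msg.get("Subject", "")) + "\n" + (part.get_content() if part else "")
    indicators = []
    known = EXECUTIVES.get(display.strip().lower())
    if known and addr.lower() != known:  # "boss" name on an address not in the roster
        indicators.append("display name impersonates executive, address differs")
    if from_domain != CORP_DOMAIN and CORP_DOMAIN.split(".")[0] in from_domain:
        indicators.append("lookalike sender domain")
    if reply_domain and reply_domain != from_domain:  # replies silently rerouted elsewhere
        indicators.append("Reply-To domain differs from From domain")
    if URGENCY.search(text):
        indicators.append("urgency language")
    if PAYMENT.search(text):
        indicators.append("payment or banking request")
    # Identity anomaly combined with a money request is the BEC pattern: hold for phone verification.
    identity = any(i.startswith(("display", "lookalike", "Reply-To")) for i in indicators)
    return {"indicators": indicators, "suspicious": identity and "payment or banking request" in indicators}

# Constructed samples: a spoofed "boss" request and a routine message from the real executive.
SPOOFED = """From: Jane Doe <jane.doe@example-corp-mail.com>
Reply-To: jane.doe@freemail.example
To: accounts@example-corp.com
Subject: Urgent wire transfer needed today

I am in a meeting, please process this invoice payment right away."""

LEGIT = """From: Jane Doe <jane.doe@example-corp.com>
To: accounts@example-corp.com
Subject: Q3 invoice schedule

Attached is the regular invoice schedule for next quarter."""
```

Running `analyze_message(SPOOFED)` returns all five indicators with `suspicious` set, while the routine message from the real executive triggers none.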