Email Compromise, hacked emailAccording to a report by the Financial Crimes Enforcement Network (FinCEN) released in July, financial institutions have incurred more than $9 billion in losses due to Business Email Compromise (BEC) schemes since 2016. With such staggering losses, businesses and even individuals can’t afford to ignore BEC attacks.

What is BEC?

BEC fraud involves cyber thieves posing as company executives or a business contact with the intention to commit wire transfer fraud or obtain sensitive information. The main targets are businesses working with foreign suppliers or a business that carries out regular wire-transfer payments.

To carry out this attack, criminals might pretend to be the company CEO and request that a junior staff member perform a task for them, such as transferring funds. Attackers take advantage of the fact that most organizations don’t have a set procedure to verify instructions received from the top management.

How Attackers Collect Data from their Targets

Cyber criminals use various techniques to carry out BEC fraud, with the main aim of stealing funds from the victims. The techniques used include:

  • Imposter techniques – this can be carried out in various ways. Attackers use a look-alike domain, display-name deception and spoofed emails that appear to come from legitimate addresses.
  • Social engineering – when a target has not set appropriate privacy settings on social media accounts, an attacker can easily collect information that will make their requests sound legitimate.
  • Malware – this enables attackers to have access to sensitive information that makes the fake request sound legitimate.
  • Mining from the Dark Web – here attackers can obtain stolen credentials.

How to Avoid BEC Attacks

It is difficult for conventional security systems to detect BEC schemes. Consider a case in which a transaction is initiated willingly by a legitimate user in response to a request from a legitimate source. Such an email has no payloads such as malicious attachments that can be blocked.

Here are some methods to help reduce the possibility of these attacks:

  • Raising awareness of common attack scenarios or tactics used by the cyber criminals, such as a false domain name that looks almost like the original one, impersonation of a vendor, false sense of urgency or a request for secrecy.
  • Training employees on cyber security risks and implications.
  • Implementing email authentication protocols like Domain-Based Message  Authentication, Reporting and Conformance (DMARC) and email authentication, such as DomainKeys Identified Mail (DKIM).
  • Using layered defense, such as encryption, and virtual private networks.
  • Implementing a multifactor authentication that will introduce a secondary authorization control. This will help stop attackers even when they have access to the target’s credentials.
  • Establishing communication protocols that will allow for a follow-up. For instance, if the person is requesting financial transactions, an employee should call to ascertain the request.
  • Scrutinizing all emails that request for fund transfer.
  • Monitoring incoming email, especially those that use VIP names.
  • Optimizing accounting systems and controls.

Final Thoughts

Apart from taking precautionary measures, businesses also should make sure that their insurance specifically covers BEC attacks, as courts might have different interpretations of policies. Consider the case of Apache Corporation, which lost $7million due to a BEC attack. The judge ruled that since the money was sent to pay a legitimate invoice to the wrong bank, it was not covered by their insurance policy.

Note that a majority of these criminals are from countries that might not have strict laws on cybercrime, making it difficult to have them prosecuted.

So, whether you run a small, medium or large business, or even a personal account, it’s vital that you take precautionary measures against the increasing BEC schemes.


67 Comments

Xzgdgi · October 18, 2024 at 10:36 am

cleocin online – buy clindamycin tablets order indomethacin 50mg pills

Mcuwwa · October 20, 2024 at 8:28 am

losartan 25mg price – keflex without prescription order cephalexin 125mg pills

Piuuqb · October 23, 2024 at 4:58 am

crotamiton medication – aczone usa aczone over the counter

Yyrpwv · October 25, 2024 at 2:05 am

order modafinil without prescription – promethazine 25mg drug melatonin 3mg usa

JefferyTople · October 25, 2024 at 6:03 am

на этом сайте https://zelenka.guru

PatrickEnrib · October 26, 2024 at 3:13 pm

посмотреть на этом сайте https://zelenka.guru/articles/

RobertPal · October 27, 2024 at 10:44 pm

страница https://lzt.market

Niwhea · October 27, 2024 at 11:19 pm

bupropion 150mg over the counter – orlistat drug cheap shuddha guggulu generic

Miguelraips · October 28, 2024 at 3:36 am

нажмите https://omgomgonion.com

Miguelraips · October 28, 2024 at 10:03 am

нажмите здесь https://omgomgomg5j4yrr4mjdv3h5c5xfvxt.com/

Zlnotq · October 31, 2024 at 4:43 am

where to buy capecitabine without a prescription – buy mefenamic acid pill danazol 100 mg canada

Brentniz · October 31, 2024 at 9:21 pm

взгляните на сайте здесь https://blackspruttor.com/

EugeneEteta · November 1, 2024 at 11:13 am

go to this site https://imimapply.com/2024/09/21/page-266/

Badllz · November 1, 2024 at 6:34 pm

buy prometrium pills for sale – order ponstel for sale buy clomiphene

Dddwgr · November 5, 2024 at 11:00 pm

alendronate 70mg cheap – buy cheap medroxyprogesterone medroxyprogesterone 5mg over the counter

Ezlzrw · November 7, 2024 at 5:59 pm

norethindrone buy online – purchase lumigan generic purchase yasmin

Bannacy · November 11, 2024 at 6:10 pm

03 And what we discovered free samples of priligy

RobertSof · November 13, 2024 at 3:10 am

здесь megaweb 10 at – мега ссылки, megaweb9 at

Cenqlg · November 13, 2024 at 4:04 am

estrace 2mg us – estrace 2mg oral order anastrozole

Tikccn · November 13, 2024 at 7:07 pm

dostinex over the counter – buy cabergoline 0.5mg for sale alesse brand

JamesLap · November 14, 2024 at 5:45 pm

check my blog https://hottopcasino.com/news/

JamesLap · November 15, 2024 at 12:51 am

his response https://casinomira.com/

Gfuvhc · November 20, 2024 at 12:14 am

プレドニンジェネリック йЂљиІ© – アジスロマイシンの購入 г‚ёг‚№гѓ­гѓћгѓѓг‚Ї её‚иІ© гЃЉгЃ™гЃ™г‚Ѓ

Petsvz · November 20, 2024 at 12:37 am

バイアグラ и–¬е±ЂгЃ§иІ·гЃ€г‚‹ – г‚їгѓЂгѓ©гѓ•г‚Јгѓ« гЃ©гЃ“гЃ§иІ·гЃ€г‚‹ г‚їгѓЂгѓ©гѓ•г‚Јгѓ« еЂ‹дєєијёе…Ґ гЃЉгЃ™гЃ™г‚Ѓ

Dgeopv · November 25, 2024 at 12:09 am

гѓ—гѓ¬гѓ‰гѓ‹гѓійЂљиІ©гЃ§иІ·гЃ€гЃѕгЃ™гЃ‹ – ドキシサイクリン錠 200 mg еј·гЃ• イソトレチノイン е‰ЇдЅњз”Ё

Herbertswell · November 29, 2024 at 3:30 pm

интернет https://noneotech.com/Kraken.html

Zacharychava · November 30, 2024 at 12:23 am

читать https://noneotech.com/Kraken.html

RichardSlece · December 1, 2024 at 3:57 am

посетить веб-сайт https://securiweb.be/kraken_ssilka.html

Uavazp · December 1, 2024 at 7:45 am

eriacta threaten – apcalis warm forzest heart

RomanSlorm · December 1, 2024 at 4:16 pm

visit our website https://web-sollet.com

RomanSlorm · December 1, 2024 at 5:20 pm

browse around this web-site https://web-sollet.com/

RomanSlorm · December 1, 2024 at 9:58 pm

more tips here https://web-sollet.com/

Thomasswirl · December 2, 2024 at 5:53 am

в этом разделе https://kazlenta.kz/pavlodar/

Thomasswirl · December 2, 2024 at 2:02 pm

страница https://kazlenta.kz/almaty/

RichardTrola · December 3, 2024 at 5:28 pm

перейти на сайт https://xn—-7sbbajqthmir8bngi.xn--p1acf/mundzharo-mounjaro/

Darrinjoubs · December 3, 2024 at 5:30 pm

click over here term paper

HenryDouts · December 3, 2024 at 7:47 pm

сова гг обмен валют – sova gg сайт, бестчендж сова гг

HenryDouts · December 4, 2024 at 12:12 am

сова обменник – сова гг обмен валют, сова гг официальный сайт

Jamesimash · December 4, 2024 at 1:23 am

перейти на сайт
гидроаккумулятор производство мдф

EdwardCen · December 4, 2024 at 1:36 pm

Читать далее
установка воздушного отопления

Danieldub · December 4, 2024 at 5:10 pm

кликните сюда
рецифист

DennisGueft · December 4, 2024 at 7:19 pm

узнать больше грунтовка по металлу серая гф 021

Patricklar · December 4, 2024 at 9:04 pm

mega онион – mega ссылка зеркало рабочее, мега рабочая ссылка

RonaldMuh · December 5, 2024 at 8:39 am

посмотреть на этом сайте https://dbshop.ru/

Kevinplels · December 5, 2024 at 9:06 am

посетить сайт
запись на прием ленина 100

Kevinplels · December 5, 2024 at 8:58 pm

продолжить
близорукость ижевск

Dennistaict · December 5, 2024 at 10:47 pm

перейдите на этот сайт
прайс лазерная резка

Patricklar · December 6, 2024 at 12:02 am

mega market – адрес mega, тор mega

Ngtics · December 6, 2024 at 8:43 pm

buy generic crixivan – buy indinavir order diclofenac gel for sale

LarryGoade · December 6, 2024 at 11:52 pm

можно проверить ЗДЕСЬ

Ixboen · December 9, 2024 at 2:58 am

valif online rapid – order secnidazole sinemet 10mg us

Randycop · December 9, 2024 at 3:49 pm

здесь city exchange обменник

Leonardcig · December 9, 2024 at 3:51 pm

why not look here buy canada sin

Leonardcig · December 9, 2024 at 4:45 pm

discover this fullz no vbv cc

Leonardcig · December 9, 2024 at 8:36 pm

navigate to these guys ssn dob dl shop

Shawnsessy · December 11, 2024 at 10:06 am

зеленый мир не работает – зеленый мир ссылка зеркало, Зеленый мир

JeffreyThods · December 11, 2024 at 10:42 pm

the original source Get SMS without phone

Shaunhig · December 11, 2024 at 11:31 pm

nova официальная ссылка – нова зеркало, nova вход

JasonJuind · December 12, 2024 at 1:37 am

кракен ссылка зеркало – кракен ссылка зеркало, kraken маркетплейс

JasonJuind · December 12, 2024 at 2:34 am

kraken onion зеркало – кракен зеркало, кракен зеркало рабочее

Williamhit · December 12, 2024 at 8:54 am

jaxx app – jaxx download, jaxx wallet download

Chaogy · December 12, 2024 at 6:50 pm

how to get modafinil without a prescription – modafinil 100mg us lamivudine pills

Darrellfuh · December 12, 2024 at 9:53 pm

jaxx liberty download – jaxx liberty download, jaxx download

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *