Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
The Rising Threat of Business Email Compromise (BEC) and How to Stay Safe
#1
Information 
Quote:
[Image: heimdal-logo.svg]

Also, a preview of what Heimdal Security is doing about BEC attacks


Have you heard of the rising cyber-threat, business email compromise (BEC)?

The term covers a wide variety of malevolent behavior, but all forms of BEC have one thing in common: they need to get access to a business email account or to fake it.

In some cases, the BEC practice can refer to malicious actors spoofing or hacking into your business email account, in order to send fraudulent emails to your colleagues, employees or business partners.

In others, they could be spoofing or hacking into the business email account of a partner, in order to send you emails and gain an advantage from you.

In all cases, whenever malicious third parties can manage to compromise a business email, they will work to make it worth their time, and extort the maximum amount of money and data that they can get their hands on.

Business Email Compromise is a type of threat which can wreak havoc among companies big and small, with global losses amounting to over 12 billion U.S. dollars between October 2013 and May 2018, according to official FBI data.

Here’s how it works, how you can take the first steps to protect yourself, and what we are doing to help.

How Does Business Email Compromise Work?


First, let’s set a bit of context.

In 2017, over 77% of all companies experienced fraud via a BEC attack. Since Q4 2017 and Q4 2018, there’s been a spike of 476% in all business email compromise attempts, according to Proofpoint. That’s a pretty explosive growth and it’s clearly a growth fed only by how well these tactics work.

In the autumn of 2018, the Australian authorities also reported noticing a significant spike in all business email compromise incidents. In one case, a business owner lost $40,000 by paying a fake invoice to a supplier whose account had been compromised.

Some malicious hackers behind these attacks, like the London Blue group, are continuously specializing in perfecting their technique. Recent March reports indicate that BEC attacks may be moving to mobile lately, under the guise of SMS texts. In any case, the market for BEC opportunities remains ripe and will probably continue growing in the future, since other types of cyber attacks are costlier and require more technical knowledge than the basic BECs.

So how do BEC attacks work? Well, like all social engineering attacks, they rely on the human factor in order to be successful. This means that the innate human tendency to be a social creature is what is exploited here.

Because people have an innate desire to be helpful and to prove one’s usefulness, they are likely to fall victims to BEC attacks. The desire to say ‘yes’ to a request overrides the desire to double-check if everything is in order with that request in the first place.
Continue Reading
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54
GFYI [Official] EaseUS Data Recovery Wi...
I utilize EaseUS Par...zevish — 08:10
MultCloud 500GB Data Traffic Lifetime wi...
MultCloud offers a c...zevish — 07:59
O&O SafeErase Professional 17 Lifetime G...
O&O SafeErase Pr...zevish — 07:43

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>