Enterprise security is crucial and legitimate business interests can be impaired with a compromised email system. It is necessary to safeguard a company’s finances and privacy in order to empower employees as well as ensure business longevity.
Business email compromise (BEC) which is one of the growing security threats is a type of scam that targets companies by using email frauds. It affects businesses of all sizes and according to reports, the BEC scams have cost businesses more than $26 billion since mid-2016.
The BEC attackers depend upon techniques like social engineering, phishing and fraudulent activities to fool unsuspecting employees. The cyber criminals impersonate themselves as financial officers and CEOs and trick the victims to transfer money to unauthorized accounts.
As of now, BEC is ahead of ransomware, data breaches caused by hackers or employees, impersonation fraud, virus or malware infections, system failures or outages, physical loss of assets such as stolen laptops and all other types of claims.
How to detect BEC attacks
It is very difficult to detect a BEC attacks from a technical perspective. Even tech giants like Google and Facebook were not able to escape form a BEC attack. Both companies have reported to have lost an estimated $123 million to BEC attacks in 2017 alone.
Google and Facebook lost millions
A Lithuanian man, Evaldas Rimasauskas impersonated as a vendor and sent invoices for computer equipment to Google and Facebook.
Rimasauskas used the name of a famous Taiwanese-based computer products vendor and registered and incorporated a company in Latvia. He used that name and sent emails to both the companies.
The scam lasted for two years and the hacker managed to convince Facebook and Google employees to transfer him millions of dollars. Later the scam was detected and the funds were recovered. This could have been prevented by a good security awareness program.
BEC attack Red Flags
The main targets for a BEC attack are always finance and payroll employees. Here are the nine red flags which an employee must look for.
- Check if the ‘Reply to’ email address matches with ‘From’ email address
- If the vendor payment requests come with new routing numbers and/or account numbers
- Vendor payment requests from a new email address
- Requests for wire transfers to a new account (a foreign account)
- Any ‘urgent’ or ‘confidential’ requests for payment
- Requests for payment at the end of the day or before weekend and/or holidays
- Requests for payment without justification
- Requests for payments of unusual or large amounts
- Requests for payment to a personal account
Business email compromise scams
BEC scams occur when an attacker impersonates a company stakeholder and tricks your employees into transferring money to fraudulent accounts or sharing confidential information.
BEC attacks are categorized into five types:
Fake invoice scheme: Attackers creates a fraudulent invoice, usually impersonating a foreign supplier.
CEO fraud: Attackers impersonate a company executive and demand an urgent wire transfer from a junior executive.
Account compromise: Attackers hack an employee’s email account and requests payments from vendors.
Attorney impersonation: Attackers impersonate a lawyer or other official who handles confidential information and request more sensitive data from staff.
Data theft: Attackers target HR and accounting employees to steal sensitive data like tax information. These data become useful for the attackers in future BEC attacks.
Why are BEC attacks so successful?
BEC attacks are most of the time successful as it does not require much technical knowledge. It is not very easy to detect a BEC attack even though there are many other tools to protect the firms from attacks such as malware.
But some technical measures can be taken to protect your company from BEC attacks.
- Enable two-factor authentication for account logins
- Create visual indicators, so emails from external addresses will be clear to your staff
- Block auto-forwarding email feature that makes it hard for attackers to hide
- Secure your international wire transfer policies and include a wire transfer time delay
- Finance team must verify vendor payment requests via phone
How to prevent BEC attack
BEC attack can be prevented effectively by implementing a security awareness programme in the company. Educate your employees how a BEC attack attacks. Make them aware of the attacks, and help them recognize it and adopt better cybersecurity practices.