IT service providers continue to see ransomware breaches. The threat of business email compromise is not going away. BEC is a huge and growing problem that organizations should address in their cybersecurity strategies and operational policies. A “human firewall” of trained employees can help ensure that a business email compromise attack does not result in financial losses.
What Is Business Email Compromise?
Business email compromise attacks use email fraud to trick victims into sending money or sensitive information to the attackers. According to a recent report from Cybersecurity Insiders, 71 percent of BEC attacks use “spoofed” email accounts or websites in highly targeted attacks. Almost half (49 percent) spoof an identity in the display name, typically a company executive or someone with authority to request a wire transfer.
The attackers often research the company’s organizational hierarchy through social media, then send the spoofed email to someone in finance or accounting who regularly handles such requests. Victims think they’re getting an email from the CEO or CFO and their natural instinct is to transfer the money.
The finance department isn’t the only target. Fraudsters are also sending BEC emails to HR, with bogus requests to change an employee’s direct deposit account for salary or expense payments.
In other cases, the attackers will find out the names of legitimate vendors and business partners that the company wires money to regularly. The attackers will pose as the supplier and send an invoice, requesting that payment be transferred to an account controlled by the fraudsters. Companies that do business overseas are often targeted.
How to Avoid Becoming a Victim
What can your organization do to avoid falling victim to business email compromise? Secure email gateways and other tools that block spam and phishing emails are not as effective at detecting business email compromise attacks. The DMARC protocol can prevent domain name spoofing and ensure that the content of emails has not been compromised, but it’s not foolproof.
The key is to educate employees and executives about the risk and how to spot fraudulent emails. Often, the emails come from a domain that’s slightly different from the company’s real domain or have a reply-to address that does not match the sender’s address. BEC attacks rarely have the bad grammar and spelling associated with phishing emails, but they may use European date formats or sentence construction that suggests a non-English speaker.
Even if the email is flawlessly constructed, employees should be suspicious of urgent requests from executives to wire money and to keep the request confidential. They should also question vendor requests for payment that don’t go through normal channels.
Most importantly, organizations should establish policies and procedures for verifying wire transfers. Employees should always be suspicious of email requests and use a different channel — phone, fax, or in-person — for confirmation. The account number for the wire transfer should be checked and verified. Banks are also establishing more stringent protocols around wire transfers to help detect fraud.
Business email compromise doesn’t receive as much press coverage as ransomware, but it is still a significant threat. Employee training and education along with establishing a strong “human firewall” is key to helping protect your organization from fraud associated with BEC.
ABOUT MAINSTREAM TECHNOLOGIES
Mainstream Technologies is based in Little Rock, AR, and provides IT services throughout Arkansas. We also offer industry-leading data center services in our Little Rock facilities. Established in 1996, Mainstream has earned a reputation for delivering quality, reliable, and professional technology services for public and private-sector customers across the United States.
Jeff Pracht
IT Business Development Manager
(479) 715-8629 Office
(501) 529-0008 Mobile