Uptick in BEC (Business Email Compromise) Fraud

Guarding Against Business Email Compromise: Strategies and Solutions


Business Email Compromise (BEC) is a sophisticated scam that targets organizations by compromising or impersonating legitimate business email accounts in order to conduct unauthorized fund transfers.


BEC fraud involves threat actors who, posing as trusted contacts such as company executives or vendors, provide fraudulent banking information. They often achieve this through:


Compromised Email Accounts: Attackers gain unauthorized access to an email account within your own organization or an adjacent one, such as a vendor or partner, and send requests from it.

Domain Spoofing: Scammers create email addresses that closely mimic legitimate ones, tricking recipients into believing the emails are from trusted sources.

Non-profit organizations and small businesses are particularly vulnerable due to often limited cybersecurity measures and the high level of trust placed in electronic communications for funding and payments.


There are two main areas to improve in order to combat this type of attack: process and technology.

Process:

  • Out-of-Band Verification: Always verify financial transactions and changes in payment details through a secondary communication channel, such as a phone call to a number already on file, not one supplied in the email.
  • Employee Training: Regularly educate staff on recognizing and reporting phishing attempts and suspicious emails.
  • Verification Protocols: Establish strict protocols for financial transactions, including the verification of all requests for transferring funds or changing account details. Ensure staff are trained on and adhere to the protocols.


Technology:

  • Multi-Factor Authentication (MFA): Implement MFA to add an extra layer of security to our email accounts and systems. This makes it more difficult for a threat actor to gain access.
  • IT Security Measures: Ensure up-to-date antivirus and anti-malware solutions are installed on all devices.
  • MS365 Exchange Online: Enable the “First Contact Safety Tip”. This shows users a warning banner when a message arrives from a sender they have not received email from before, which is exactly the situation a spoofed or look-alike address creates.
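To turn on the setting from the last bullet across every anti-phishing policy in the tenant, here is an added PowerShell example (not code from the original notice). It assumes the ExchangeOnlineManagement module is installed and the signed-in account holds an Exchange or Security Administrator role; admin@example.com is a placeholder.

```powershell
# Added example: enable the First Contact Safety Tip in Exchange Online.
# Assumptions: ExchangeOnlineManagement module installed, admin account with
# rights to edit anti-phishing policies. The UPN below is a placeholder.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName admin@example.com

# Current state: list each policy and whether the safety tip is already on.
$policies = Get-AntiPhishPolicy
$policies |
    Select-Object Name, IsDefault, EnableFirstContactSafetyTips |
    Format-Table -AutoSize

# Weak state is EnableFirstContactSafetyTips = $false; fix every such policy.
foreach ($p in ($policies | Where-Object { -not $_.EnableFirstContactSafetyTips })) {
    Set-AntiPhishPolicy -Identity $p.Identity -EnableFirstContactSafetyTips $true
    Write-Host "Enabled First Contact Safety Tip on policy '$($p.Name)'"
}

# Verify: after the change no policy should still report $false.
Get-AntiPhishPolicy |
    Where-Object { -not $_.EnableFirstContactSafetyTips } |
    ForEach-Object { Write-Warning "Still disabled: $($_.Name)" }

Disconnect-ExchangeOnline -Confirm:$false
```

Tenants that manage this through mail flow rules instead can set the X-MS-Exchange-EnableFirstContactSafetyTip message header to the value Enable, but the policy setting above is the simpler option to audit.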


By understanding how BEC works and adopting these practices, we can lower the risk of falling victim to these scams. Staying informed and alert is our most effective defense against these threats.
