Business Email Compromise: Important things you should know & how to avert BEC scams | The Financial Express


Fortunately, BEC attacks are largely preventable: voice verification of payment requests over a known number, multi-factor authentication, and recognising the red flags early will foil most of them.


BEC is one of the most common attacks faced by organisations across the globe and, if left unchecked, it can severely damage both a company's operations and its finances.

Counted among the most harmful and financially damaging crimes in the online space, business email compromise (BEC) is grouped by the FBI with its close relative, email account compromise (EAC), in which an individual's mailbox rather than a business identity is taken over. Targeted primarily at companies that make wire transfers or have suppliers overseas, the attackers exploit the reliance of businesses on email for routine communication.

In BEC scams, users receive an email message that appears to come from a familiar source such as a supplier or partner. The message carries a seemingly legitimate request, such as updating a contact or bank address, acknowledging a delivery schedule, or settling an invoice. BEC can take other forms too. For example, you might receive a message purporting to come from the company's CEO asking for employee details so that gift cards can be distributed as part of the Diwali bonus. As a home buyer, you might receive a link from "the real estate company" explaining how to make a down payment. These are just a few of the variants that BEC victims have received in the past, and once they acted on the request or clicked the link, the result was an irreparable loss for the organisation.

According to the Federal Bureau of Investigation (FBI), the total losses from BEC scams globally have surpassed $43 billion, a figure that includes both attempted and actual losses reported between June 2016 and December 2021. Further, the agency registered a 65% increase in losses between 2019 and 2021, as Covid-19 forced people to manage their daily affairs almost entirely online. BEC is carried out in one of a few ways. The most common is spoofing a website or email account by making an almost imperceptible change to the address. The difference between ajay.verma@abc.com and ajay.vermaa@abc.com, for instance, is virtually unnoticeable, and the same trick is played with lookalike domains (abc.com against abc-payments.net, say), so anyone can fall victim to it.


Another commonly used tactic in BEC is spear phishing: emails that seem to have been sent by trusted partners of the company. When the unsuspecting recipient clicks on the link, the scammer harvests credentials or other confidential information that can be exploited in a variety of ways. Malware is also part of some BEC attacks; once it has a foothold on the system, the scammers gain illegitimate access to sensitive information, including the company's invoices and billing records. That data is then used to raise convincing payment requests, or leaked to competitors, among other abuses.

BEC investigation

Comprehensive Security Assessment

After identifying the initial signs of BEC, the first and foremost step an organisation has to take is to start the investigation quickly. Begin by pulling the complete audit and sign-in logs for the suspected account from the mail platform's administration centre (for Microsoft 365, the Exchange admin center and the unified audit log). You can take the help of eSec Forte's Comprehensive Security Assessment and Audit Services, for instance, to carry out a complete review of all activities of the suspected account to date. eSec Forte's incident response, web application security, and configuration assessment reports can further assist you in getting on with the investigation.

Incident Response and Penetration Testing

The next part of the investigation should consist of identifying all users who might have communicated with the compromised account. Reviewing those users and their sign-in history can uncover further indicators such as suspicious sign-ins from unfamiliar locations, downloads of malicious attachments, or inbox rules that forward or redirect mail to other addresses. You can use our Red Team assessment, Penetration Testing Services, and Threat Hunting/Compromise Assessment to get credible results on this second step of the investigation.


Risk and Gap Assessment

It is also important for companies to verify the true source of a suspicious email to get an accurate picture of the BEC attempt. If you suspect a spoofed domain, inspect the message's Internet headers (in Outlook, open the message and go to File, then Properties) and compare the visible From address with the Return-Path and Reply-To addresses and with the SPF, DKIM and DMARC results recorded in the Authentication-Results header; a mismatch, or an authentication failure, is a strong indicator. Anti-phishing and anti-malware scanning services can further help in keeping spoofed domains and email messages at bay.
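The three investigation steps above can be partly automated. The following is an added example written for this article, not eSec Forte's tooling or anything from the original piece: a small hypothetical Python triage script that walks a suspected account's audit records for unexpected sign-ins and external forwarding rules (steps one and two), and then checks a suspicious message's headers for Reply-To and Return-Path mismatches, failed SPF/DKIM/DMARC results, and lookalike sender addresses of the ajay.verma/ajay.vermaa kind (step three). The organisation's domain (abc.com), its home country, the known-contact list, the audit records and the raw message are all constructed for illustration, and the audit record fields are a simplified approximation of what a real mail platform exports.

```python
# Added example, not eSec Forte's tooling or the article's own code.
# All inputs are constructed; the audit-record field names are simplified and
# only loosely modelled on Exchange Online unified audit log entries.
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAINS = {"abc.com"}   # assumption: the victim organisation's mail domain
HOME_COUNTRIES = {"IN"}          # assumption: where its staff normally sign in from
KNOWN_CONTACTS = {"ajay.verma@abc.com", "billing@supplier-example.com"}  # constructed


def domain_of(addr):
    """Return the lower-cased domain part of an e-mail address ('' if there is none)."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def triage_account(events, internal_domains=INTERNAL_DOMAINS, home_countries=HOME_COUNTRIES):
    """Steps 1-2: report sign-ins from unexpected countries, inbox rules that
    forward or redirect mail outside the organisation, and rules that delete
    messages (a common way to hide the victim's replies from the mailbox owner)."""
    findings = []
    for ev in events:
        op = ev["operation"]
        if op == "UserLoggedIn" and ev.get("country") not in home_countries:
            findings.append(f"sign-in from {ev.get('country')} ({ev.get('ip')}) at {ev['time']}")
        elif op in ("New-InboxRule", "Set-InboxRule"):
            params = ev.get("parameters", {})
            for key in ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo"):
                target = params.get(key)
                if target and domain_of(target) not in internal_domains:
                    findings.append(f"{op} {key} -> external address {target} at {ev['time']}")
            if params.get("DeleteMessage"):
                findings.append(f"{op} deletes matching messages at {ev['time']}")
    return findings


def check_sender(raw_message, known_contacts=KNOWN_CONTACTS):
    """Step 3: verify a suspicious message's sender from its Internet headers."""
    msg = message_from_string(raw_message)
    findings = []
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    # Reply-To / Return-Path pointing at another domain than the visible From
    for header in ("Reply-To", "Return-Path"):
        addr = parseaddr(msg.get(header, ""))[1].lower()
        if addr and domain_of(addr) != domain_of(from_addr):
            findings.append(f"{header} domain {domain_of(addr)} differs from From domain {domain_of(from_addr)}")
    # SPF / DKIM / DMARC verdicts as recorded by the receiving mail server
    auth = msg.get("Authentication-Results", "")
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        result = m.group(1).lower() if m else "missing"
        if result != "pass":
            findings.append(f"{mech} result is {result}")
    # Near miss of a known contact (one extra or changed character)
    if from_addr not in known_contacts:
        for contact in known_contacts:
            if SequenceMatcher(None, from_addr, contact).ratio() >= 0.9:
                findings.append(f"From {from_addr} is a lookalike of known contact {contact}")
    return findings


SAMPLE_EVENTS = [  # constructed, simplified audit records for the suspected account
    {"time": "2022-12-01T03:14:00Z", "operation": "UserLoggedIn", "user": "ajay.verma@abc.com",
     "ip": "203.0.113.7", "country": "NG"},
    {"time": "2022-12-01T03:20:00Z", "operation": "New-InboxRule", "user": "ajay.verma@abc.com",
     "parameters": {"Name": ".", "SubjectContainsWords": ["invoice", "payment"],
                    "ForwardTo": "archive.abc@freemail-example.com", "DeleteMessage": True}},
    {"time": "2022-12-01T09:05:00Z", "operation": "UserLoggedIn", "user": "ajay.verma@abc.com",
     "ip": "198.51.100.20", "country": "IN"},
]

SAMPLE_MESSAGE = """\
From: "Ajay Verma" <ajay.vermaa@abc.com>
Reply-To: ajay.verma@abc-payments.net
Return-Path: <bounce@mailer-example.net>
Authentication-Results: mx.abc.com; spf=pass smtp.mailfrom=mailer-example.net; dkim=none; dmarc=fail header.from=abc.com
Subject: Updated bank details for invoice 4471
Date: Mon, 05 Dec 2022 09:12:00 +0530

Please update our account details before releasing Friday's payment.
"""  # constructed message; the lookalike From address and external Reply-To are deliberate

if __name__ == "__main__":
    for line in triage_account(SAMPLE_EVENTS) + check_sender(SAMPLE_MESSAGE):
        print("-", line)
```

On the constructed data the script reports the night-time sign-in from an unexpected country, the new rule forwarding invoice mail to an external address and deleting the originals, and five header findings on the message, including the one-character lookalike of a known colleague. In a real investigation the same checks would run over the exported audit log and the headers of every message the compromised account sent or received.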

Recommendations to Avert BEC Scams

While the steps mentioned above help you to establish the extent of the damage, the following recommendations help a company avoid BEC in the first place:

1) Users must exercise the highest level of restraint while sharing information online. Never disclose your date of birth, the name of your pet, or details of family members, as this data can help scammers guess your password or answer your security questions. Use well-maintained web and mobile applications from reputable providers, so that the services you rely on are kept secure over the long run.

2) Never click on a link or message from an unknown source asking you to update information, claim a prize, or avail of an offer. If in any doubt, call the company on a number you already have on record, not one supplied in the message, and verify whether they really sent it and requested anything.

3) It is equally important to take a close look at URLs and email addresses, as scammers make the slightest variations to spoofed domains and addresses to catch users out.

4) Never download and open an attachment from an unknown source, as it might infect your system with malware and give attackers control over the company's crucial data and information.

BEC in the years ahead

With the surge in the use of internet technologies, the threat of BEC has grown manifold. What adds to the complexity is the rise of purpose-built impostor emails, crafted for a specific target, which are increasingly becoming a threat to companies across the globe. Such messages can easily trick users into sharing sensitive information with the attackers, and with more organisations moving to cloud-based services, BEC will remain a prominent challenge for security teams in the near future.

As Barracuda, an IT security company, has pointed out, small businesses are three times more likely to be targeted by BEC than their medium and large counterparts. Further, companies operating in essential services, healthcare, and education are also more exposed to BEC scams than others. Fortunately, BEC attacks are largely preventable: verifying payment requests by voice over a number already on record, enforcing multi-factor authentication, and training staff to spot the red flags early will defeat most of these schemes.

(By Kunal Bajaj, Chief Business Officer, eSec Forte Technologies)

Disclaimer: These are the personal views of the author.
