- A typical BEC involves attackers impersonating a C-suite executive and emailing a number of employees to request fraudulent wire transfers.
- In order to get quick clicks, these phishing emails include subject lines that create a sense of urgency among the employees.
Business Email Compromise (BEC) attacks are taking a toll on organizations worldwide. A typical BEC involves attackers impersonating a C-suite executive and emailing a number of employees to request fraudulent wire transfers.
Before launching the attack, attackers monitor the compromised email account of the targeted senior executive to learn that person's communication habits and the company's routine processes and procedures.
A thorough understanding of the victim's background makes the scam more convincing and the spoofed email appear legitimate.
Evolution of BEC attack techniques
Over the years, the BEC attack has evolved as threat actors shift their focus to other well-known business associates to dupe employees. The new targets are HR employees, contractors, and lawyers.
For instance, the CEO of an unidentified Swiss company was duped out of nearly $1 million after scammers sent emails that appeared to come from a trusted lawyer. The email was designed so that the recipient believed he was communicating with the seller's attorney.
In order to get quick clicks, these phishing emails include subject lines that create a sense of urgency among the employees. Some of the most-used subject lines, as reported by KnowBe4, are:
- Password Check Required Immediately
- De-activation of [[email]] in Process
- Urgent press release to all employees
- You Have A New Voicemail
- Back-Up Your Emails
How to identify BEC attacks?
- Employees must thoroughly check the spelling of the sender's email address before responding to the email. Scammers often add an 'extra' letter to the email address, which usually goes unnoticed by recipients. This is a major red flag of a BEC attack.
- BEC scams prey on natural human weaknesses. Implementing robust communication policies with multiple checks and controls (for example, out-of-band confirmation of any payment request) can help catch these weaknesses and protect organizations from attacks.
- Implementing email authentication standards such as SPF, DKIM, and DMARC also helps organizations detect forged sender addresses during email delivery.
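The three signals above (a lookalike sender domain, urgency wording in the subject, and failed SPF/DKIM/DMARC results) can be checked mechanically at the mail gateway or in a SOC triage script. The following is an added example, not code from the original article or from KnowBe4; the trusted-domain list, the header values and both sample messages are constructed for illustration.

```python
"""
Added example (not from the original article): a small triage script that
applies the article's three BEC checks to constructed sample emails:
  1. lookalike sender domains (one inserted, missing or substituted letter),
  2. urgency wording in the subject line,
  3. SPF/DKIM/DMARC results parsed from the Authentication-Results header.
"""
import re
from email import message_from_string
from email.message import Message
from email.utils import parseaddr
from typing import Dict, List, Optional

# Assumed (constructed) list of domains the organisation treats as trusted senders.
TRUSTED_DOMAINS = {"example.com", "example-law.com"}

# Subject phrases from the KnowBe4 list quoted in the article, lower-cased.
URGENCY_PHRASES = (
    "password check required immediately",
    "de-activation of",
    "urgent",
    "new voicemail",
    "back-up your emails",
)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; 1 means exactly one extra, missing or swapped letter."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_domain(sender: str) -> Optional[str]:
    """Return the trusted domain that the sender's domain imitates, if any."""
    _, addr = parseaddr(sender)
    domain = addr.rpartition("@")[2].lower()
    if not domain or domain in TRUSTED_DOMAINS:
        return None
    for trusted in TRUSTED_DOMAINS:
        if edit_distance(domain, trusted) == 1:
            return trusted
    return None


def auth_results(msg: Message) -> Dict[str, str]:
    """Extract spf=/dkim=/dmarc= verdicts from the Authentication-Results header."""
    header = msg.get("Authentication-Results", "")
    pairs = re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.IGNORECASE)
    return {k.lower(): v.lower() for k, v in pairs}


def triage(raw: str) -> List[str]:
    """Return the BEC warning signs found in one RFC 5322 message (empty list if none)."""
    msg = message_from_string(raw)
    findings = []
    mimic = lookalike_domain(msg.get("From", ""))
    if mimic:
        findings.append(f"sender domain looks like {mimic}")
    subject = msg.get("Subject", "").lower()
    for phrase in URGENCY_PHRASES:
        if phrase in subject:
            findings.append(f"urgency wording in subject: '{phrase}'")
            break
    results = auth_results(msg)
    for check in ("spf", "dkim", "dmarc"):
        if results.get(check) != "pass":
            findings.append(f"{check}={results.get(check, 'missing')}")
    return findings


# Constructed sample: spoofed "CEO" with an extra letter in the domain and failed authentication.
SPOOFED = """From: "CEO" <ceo@exaample.com>
To: finance@example.com
Subject: Urgent press release to all employees
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=exaample.com; dkim=none; dmarc=fail

Please process the attached invoice today.
"""

# Constructed sample: legitimate message from a trusted domain that passed all checks.
LEGIT = """From: "CEO" <ceo@example.com>
To: finance@example.com
Subject: Q3 board meeting agenda
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass

Agenda attached.
"""

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("legit", LEGIT)):
        print(name, "->", triage(raw) or ["no warning signs"])
```

The edit-distance threshold of 1 catches the "extra letter" trick the article describes; raising it to 2 widens coverage but also flags more legitimate partner domains, so tune it against your own sender list. The Authentication-Results parsing assumes the receiving gateway has already stamped that header, which is where SPF, DKIM and DMARC verdicts are recorded at delivery time.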
A company’s employees are the first and most important line of defense against BEC attacks. Hence, training staff members to recognize the signs of a scam can go a long way in reducing BEC attacks.