How to Prevent BEC with Security Awareness Training

Introduction

The crime of business email compromise (BEC), which targets a business to facilitate financial theft, is expected to cost businesses more than $9 billion by the end of 2018. These scams are lucrative like no other. In one recent case, a U.S. company lost over $100 million. The company was scammed using deceptive techniques that involved spearphishing, fake email addresses and mimicking a legitimate vendor. These scams are complex, often multi-stage attacks. They utilize a mix of human behavior, social engineering and technology.

As businesses, we are all at risk from BEC scams. Q1 of 2017 saw 85% of organizations targeted by at least one BEC attempt. This was up 13% on the previous quarter. Every type of business, of every size, in every location, is a potential target for a BEC scam.

The Human Vulnerability in BEC Scams

Business Email Compromise is about money — often big money. As mentioned above, some scams end up with multiple millions of dollars lost in one or more successive attacks. The scammer(s) will really work for this money, often spending many weeks checking out a company, preparing for their attack and understanding the organization structure to know who, exactly, to target. They will then use various tools in the cybercriminal’s toolkit, like spearphishing emails or malware, to get the keys to your kingdom — your email login credentials. Once compromised, your email account is theirs to use at will. If the cybercriminal struggles to get this far, they can always fall back on spoofing your email account instead. Cleverly configured email addresses are hard to spot as fake: john.johnson@bestpatties.com is very similar to john.johnson@bestpaties.com, especially in a busy accounts payable department that processes hundreds of invoices every week.
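The look-alike address in the paragraph above is exactly the kind of thing an accounts payable inbox can check mechanically rather than by eye. The following is an added example, not code from the original post or from InfoSec Resources: it compares the sender domain of each From: header against a constructed allowlist of trusted vendor domains and flags domains that are within a couple of edits of a trusted one (the allowlist, sample headers and distance threshold are all assumptions).

```python
"""Flag look-alike sender domains (added example, not from the original post).

Assumes an accounts-payable team keeps an allowlist of known vendor domains and
wants an inbound-mail check that flags addresses that are close to, but not
exactly, a trusted domain (e.g. bestpaties.com vs bestpatties.com).
"""
from email.utils import parseaddr

# Constructed allowlist of trusted vendor domains (hypothetical values).
TRUSTED_DOMAINS = {"bestpatties.com", "example-vendor.com"}

def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings (classic dynamic-programming version)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header: str, trusted=TRUSTED_DOMAINS, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for the domain in a From: header."""
    _, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    if not domain:
        return "unknown"
    if domain in trusted:
        return "trusted"
    # A domain within a couple of edits of a trusted one is the classic BEC spoof.
    for good in trusted:
        if 0 < levenshtein(domain, good) <= max_distance:
            return "lookalike"
    return "unknown"

# Constructed sample From: headers, as an accounts-payable inbox might see them.
SAMPLE_HEADERS = [
    "John Johnson <john.johnson@bestpatties.com>",
    "John Johnson <john.johnson@bestpaties.com>",
    "Billing <billing@bestpatties.co>",
    "Newsletter <news@unrelated.org>",
]

def triage(headers=SAMPLE_HEADERS):
    """Map each header to its verdict; 'lookalike' ones warrant an out-of-band call to the vendor."""
    return {h: classify_sender(h) for h in headers}

if __name__ == "__main__":
    for header, verdict in triage().items():
        print(f"{verdict:9} {header}")
```

A "lookalike" verdict is a prompt to verify the request through a known phone number, not proof of fraud; legitimate vendors do occasionally change domains.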

Whereas technical hacks that involve complex malware, (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Susan Morrow. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/U-UuutcW3B0/