Business Email Compromise: What is It?
The term BEC stands for Business Email Compromise and describes a scam that is currently very popular with hackers. The attackers cleverly gain access to the mail accounts of decision-makers in a company or of its suppliers. As soon as they have this access, they start reading the email traffic, learning the processes and spying on the employees.
The goal of the whole thing is to cash in: the hackers want to gain so much knowledge about the company's internal structure and way of communicating that they are able to impersonate decision-makers (CEO or CFO) and fool employees with fraudulent but cleverly forged messages. If they succeed, they initiate supposedly authorised transfers to their own accounts and digital wallets, or redirect transfers that have already been instructed to them. Check Point's research team has already uncovered how much money a single group can steal with this scam.
Working in the home office as a security hole
The current situation, with many employees working from home, makes this much easier. Work instructions, agreements and customer contact: almost all communication currently takes place exclusively digitally. If an attacker has also stolen the login credentials for the account of a high-ranking employee, such as a CEO or CFO, few obstacles remain to a successful attack. It is all the more important not to enable BEC in the first place and to train employees accordingly.
Christine Schönig, Regional Director Security Engineering CER, Office of the CTO at Check Point Software Technologies, explains: “We are in the middle of a paradigm shift in hacking activities: criminals are taking advantage of the fact that many of us are currently working at home. We see the BEC scams as part of this trend. Every company and organization known for transferring large sums of money should be aware that it is a primary goal of this type of fraud. If employees work at home and are primarily dependent on email traffic, a skilled attacker can monitor and manipulate every single email; this is particularly worthwhile for employees who are able to make money. We also expect fraud attempts to increase in 2020 as teleworking and digital communications have increased significantly, including in the value of the news.”
Five steps to protect against business email compromise
- Enable multi-factor authentication for business email accounts: This type of authentication requires multiple login factors, such as a password and an SMS code. Implementing multi-factor authentication makes it difficult for cybercriminals to access employee mailboxes even when a password has been stolen.
- Do not open emails from unknown parties: If you do open one, do not click links or open attachments, as they often contain malware that gives the attacker access to your computer system.
- Double-check the sender's email address: A fake email address often uses a domain that looks very similar to the legitimate one.
- Always check the request before sending money or data: Make it standard procedure for employees to have email requests for a wire transfer or for confidential information confirmed first by all those responsible, over a channel other than the email itself.
- Use “Forward” instead of “Reply” when responding to business emails: When forwarding, the correct email address must be entered manually or selected from the internal address book. This ensures that you use the intended recipient's real address rather than a Reply-To address the attacker may have planted.
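The third and fifth steps can be partly automated at the mail gateway: compare the From: domain against the domains the company actually does business with, flag near-misses, and flag any Reply-To that points somewhere other than the From: domain. The following script is an added illustration of such a check and is not Check Point's code or part of the original article; the trusted-domain list, the two sample messages and the edit-distance threshold are all constructed assumptions.

```python
"""Lookalike-sender and Reply-To mismatch check for inbound mail.

Added example (not Check Point code). TRUSTED_DOMAINS and the sample
messages below are constructed for illustration.
"""
from email import message_from_string
from email.utils import parseaddr

# Constructed allow-list: domains this company legitimately exchanges
# payment-related mail with. A real deployment would load this from config.
TRUSTED_DOMAINS = {"example.com", "supplier-example.net"}

# Edit distance at or below this is treated as a lookalike (assumed threshold).
LOOKALIKE_DISTANCE = 2


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance (insert / delete / substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_domain(header_value: str) -> str:
    """Lower-cased domain part of an address header, or '' if none is present."""
    _, addr = parseaddr(header_value)
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def classify_domain(domain: str) -> str:
    """'trusted', 'lookalike of <domain>' or 'untrusted' for a sender domain."""
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    for good in sorted(TRUSTED_DOMAINS):  # sorted for deterministic output
        if domain.endswith("." + good):  # genuine subdomain, e.g. billing.example.com
            return "trusted"
        if levenshtein(domain, good) <= LOOKALIKE_DISTANCE:  # examp1e.com
            return f"lookalike of {good}"
        if good.split(".")[0] in domain:  # example-com.net, example.com.evil.tld
            return f"lookalike of {good}"
    return "untrusted"


def check_message(raw: str) -> list:
    """Return a list of human-readable findings for one RFC 822 message."""
    msg = message_from_string(raw)
    findings = []
    from_dom = sender_domain(msg.get("From", ""))
    reply_dom = sender_domain(msg.get("Reply-To", ""))
    if not from_dom:
        return ["unparseable From header"]
    verdict = classify_domain(from_dom)
    if verdict.startswith("lookalike"):
        findings.append(f"From domain {from_dom} is a {verdict}")
    elif verdict == "untrusted":
        findings.append(f"From domain {from_dom} is not on the trusted list")
    # A Reply-To pointing elsewhere is exactly what the "Forward, don't Reply"
    # advice defends against: the reply would leave the trusted domain.
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    return findings


# Constructed sample messages (headers only matter for this check).
SAMPLE_LOOKALIKE = (
    'From: "Jane Doe (CFO)" <jane.doe@examp1e.com>\n'
    "Reply-To: jane.doe@mail-examp1e.com\n"
    "To: accounting@example.com\n"
    "Subject: Payment instruction\n"
    "\n"
    "(constructed body)\n"
)
SAMPLE_LEGIT = (
    "From: Jane Doe <jane.doe@example.com>\n"
    "To: accounting@example.com\n"
    "Subject: Q3 invoices\n"
    "\n"
    "(constructed body)\n"
)

if __name__ == "__main__":
    for name, sample in (("lookalike", SAMPLE_LOOKALIKE), ("legit", SAMPLE_LEGIT)):
        print(name, "->", check_message(sample) or ["no findings"])
```

The check is deliberately conservative: anything not on the allow-list is surfaced, and a near-miss domain or a diverging Reply-To is reported separately so that the reviewer sees why a message was held. It complements, rather than replaces, the organisational control in step four of confirming payment requests out of band.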