How to Avoid Business Email Compromise

May 30, 2024 | Business, Email, Security

Business email compromise (BEC) is an attack in which a hacker gains access to an organization’s mailbox, or the mailbox of someone an employee trusts, and uses it to deceive people. BEC scams can cost your company a lot of money, compromise data security, and damage a business’s reputation and relationships. Here’s how BEC scams work, what the consequences are, and how to prevent and respond to such attacks.

How BEC Scams Work 

BEC scams can take many forms, but they usually follow a recognizable pattern. Here are some of the most common types: 

  • Account Compromise: The fraudster hacks into the email account of a trusted contact or even a co-worker, and asks you to click a link, make a payment, change your account details, or provide personal or financial information 
  • CEO Fraud: The email impersonates a senior official of your organization and asks you to make a large and urgent payment to a new or changed account 
  • Invoice Fraud: The scammer impersonates a vendor, supplier, or contractor that you deal with, and asks you to pay to a new or updated account 
  • Spearphishing Attack: The threat actor creates an attack targeted at one person, using personal details, information found online, and company information to dupe their target 

In all these attacks, the scammer tries to create a sense of urgency, pressure, or trust, to make someone act quickly and without questioning. The scammer may also use information that they have gathered from an organization’s website, social media, or previous emails, to make the email look more authentic and relevant. Everything is orchestrated to make a person believe it. 

What are the Potential Consequences of BEC? 

If someone in an organization falls victim to a BEC scam, that organization may face serious and lasting consequences, such as losing money that cannot be recovered through the bank or the authorities. Sensitive information, such as financial, personal, or customer data, may be exposed to the fraudster. That data breach could lead to identity theft, fraud, blackmail, or legal issues. Relationships with stakeholders or clients may be damaged, as they may question the organization’s security and credibility. Moreover, the business may suffer reputational harm and negative publicity, which could affect its market position and customer loyalty.

How to Prevent BEC Scams 

The best way to prevent BEC scams is to adopt a comprehensive and proactive approach to cybersecurity that includes people, processes, and technology. Here are some of the best practices that you can follow: 

Educate and train the employees of your business: learn how to recognize and avoid Business Email Compromise scams. Check the sender’s email address, verify the authenticity of requests, and report suspicious emails. Create a company culture of security and accountability, in which everyone feels responsible and empowered to prevent and report cyberattacks. Products such as Huntress security awareness training can help educate employees. 

Subscribe to a security monitoring service to help detect and thwart hackers if someone were to gain access to employees’ mailboxes. SpireTech has several systems in place for this, but we are currently recommending clients subscribe to Huntress’s MDR for Microsoft 365 to improve a company’s defensive posture. If you are a client of SpireTech, contact VIPSupport to subscribe to these services.

Utilize an advanced email filtering service, such as Avanan Advanced Protect. Next-generation spam and phish filters do a lot to cut down on spam and detect phishing attempts. Additionally, Avanan will do a click-time scan of any links clicked from emails for one last-chance check for malicious links.

Establish and enforce secure policies and procedures: Have clear and consistent rules and guidelines for email communication and financial transactions: require multiple approvals, use encryption, and confirm changes verbally.  

Update and protect your devices and systems: Keep your devices and systems updated with the latest security software, like antivirus, firewall, spam filter, and multifactor authentication.  

Security software is a vital protection against cyberattacks. Furthermore, back up your business’s data regularly, and use strong and unique passwords for accounts. Avoid using public or unsecured Wi-Fi networks. Be careful when opening links or attachments, especially when they come from unknown or unexpected sources.

Monitor and audit email and financial activity: keep track of your email and financial activity. Be on the lookout for any anomalies or irregularities, like unusual requests, changes, or amounts. 
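The sender checks and the anomaly monitoring described above, as an added example that is not part of the original post or of SpireTech’s services: a small Python triage that parses a constructed email and flags the BEC signs the post lists (an executive’s display name on the wrong address, a lookalike domain, a diverted Reply-To, urgency language, and a request to pay a new or changed account). The executive list, the internal domain and the sample message are constructed assumptions.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Constructed reference data: our own domain and the executives CEO-fraud mails impersonate.
INTERNAL_DOMAINS = {"example.com"}
EXECUTIVES = {"jane doe": "jane.doe@example.com"}
URGENCY = re.compile(r"\b(urgent|immediately|asap|right away|today)\b", re.I)
ACCOUNT_CHANGE = re.compile(
    r"\b(wire|transfer|payment|invoice|bank|account)\b.*\b(new|updated|changed)\b", re.I | re.S)

def looks_like(domain, legit):
    # Near-miss spelling of a trusted domain, e.g. examp1e.com standing in for example.com.
    return domain != legit and SequenceMatcher(None, domain, legit).ratio() >= 0.8

def triage(raw):
    """Return the BEC warning signs found in one raw RFC 822 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower()
    text = f"{msg.get('Subject', '')}\n{msg.get_payload()}"
    flags = []
    # 1. CEO fraud: a known executive's display name on a different address.
    expected = EXECUTIVES.get(name.strip().lower())
    if expected and addr.lower() != expected:
        flags.append("executive display name on unexpected address")
    # 2. Replies silently redirected to a mailbox the sender does not own.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.lower() != addr.lower():
        flags.append("reply-to differs from sender")
    # 3. Lookalike domain instead of the real one.
    if any(looks_like(domain, legit) for legit in INTERNAL_DOMAINS):
        flags.append("lookalike sender domain")
    # 4. The pressure and the ask: urgency plus a payment to a new or changed account.
    if URGENCY.search(text):
        flags.append("urgency language")
    if ACCOUNT_CHANGE.search(text):
        flags.append("payment to new or changed account")
    return flags

# Constructed sample message combining CEO fraud and invoice fraud traits.
SUSPECT = """From: Jane Doe <jane.doe@examp1e.com>
Reply-To: jane.doe@mail-relay.example.net
To: accounts@example.com
Subject: Urgent wire

Please process this payment today to the new bank details attached.
"""
print(triage(SUSPECT))
```

Flags are a prompt for the verbal confirmation the post recommends, not a verdict; a clean result does not prove a message is genuine.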

What to do if You are a Victim of Business Email Compromise 

If your organization suspects that it has been targeted or victimized by a BEC scam, act as quickly as possible to minimize damage and prevent further harm. Here are some of the steps to take: 

  • Contact your IT provider immediately. Time is of the essence. They will do everything they can to mitigate the situation. If the organization is a client of SpireTech, we promise to take swift and decisive action. 
  • Contact the business’s bank and try to stop or reverse the transaction: If someone has sent money to a fraudster, contact the bank as soon as possible, inform them of the incident, and ask for their assistance and advice in stopping or reversing the transaction, if possible. 
  • Change passwords and secure accounts: If someone has shared passwords or other information with a fraudster, or has opened a link or an attachment that contains malware, change passwords and secure accounts immediately. Scan employees’ devices and the network for malware and remove any threats. 
  • Notify business contacts and advise them to be cautious of any emails that they receive from your business or that claim to be from the person compromised. Warn them not to open any links or attachments, or to make any payments or changes, without verifying them first. 
  • Report the incident to the authorities, such as the FBI’s Internet Crime Complaint Center (IC3), and provide as much information as possible about the scam. This will help the authorities to investigate the case and to prevent future scams. 
BEC scams are a common but costly type of cyberattack that can affect anyone who uses email for financial transactions or business operations. Be aware, vigilant, and prepared, so that your business can reduce the risk of falling prey to these scams. Prevention will protect employees and your organization from the consequences. Remember, if an email seems too good to be true, or too urgent to be ignored, it may be a BEC scam. Always verify before trusting it.  

If you are a client of SpireTech, we are happy to check any emails you are unsure about. Never hesitate to ask for help if you are in doubt.