Business Email Compromise (BEC)

Imagine your CFO or Controller has a compromised email account. This could become a huge problem for your organization. The cyber criminal will work in the background to monitor the mailbox and watch the passing conversations. When an interesting email chain (such as information about a wire transfer) happens, the hacker will create email rules to insert himself into the middle of the conversation and redirect the path of the money transfer. Business Email Compromise attacks are close to impossible to trace, leaving you with irrecoverable financial and reputational loss, as well as downtime.

Cyber criminals can use brand impersonation, social engineering, and phishing to steal login credentials and access a business email account. Once the account is compromised, hackers will monitor and track activity to gain insight into how the company does business, the email signatures it uses, and the way financial transactions are handled. Subsequently, they can launch phishing attacks, harvest financial information, and gain additional login credentials for other accounts.

Protect Against BEC

60% of organizations believe it’s inevitable or likely they will suffer from an email-borne attack in the coming year (Source: Mimecast). It is important not to rely on your email platform (such as Microsoft 365) alone to protect against these threats. To combat email threats, multiple layers of advanced security are recommended. With a combination of people, technology, and processes, you can reduce the risk of BEC.

Email Monitoring Tools

Email monitoring tools can identify unusual activity in your email accounts, such as email forwarding rules, logins at unusual times or from unusual places, and other behavior that is uncharacteristic of your email users. When this happens, you can stop the threat in its tracks before your data and dollars are gone.
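The kind of check such a tool performs on new mailbox rules can be sketched as follows. This is an added example, not code from any monitoring product; the event format, field names, domains, and keyword list are constructed assumptions.

```python
# Added example; event format, field names and domains are constructed assumptions.
INTERNAL_DOMAINS = {"example.com"}   # assumption: the organisation's mail domains
FINANCE_WORDS = {"wire", "invoice", "payment", "bank", "transfer"}
BUSINESS_HOURS = range(7, 19)        # assumption: 07:00-18:59 in the log's timezone

# Constructed sample events (not real audit data).
SAMPLE_EVENTS = [
    {"user": "cfo@example.com", "action": "new_inbox_rule", "hour": 3,
     "rule": {"name": ".", "forward_to": ["drop@mail.example.net"],
              "subject_contains": ["Wire", "invoice"], "delete": True}},
    {"user": "hr@example.com", "action": "new_inbox_rule", "hour": 14,
     "rule": {"name": "Newsletters", "move_to": "Reading",
              "subject_contains": ["newsletter"]}},
    {"user": "ap@example.com", "action": "new_inbox_rule", "hour": 10,
     "rule": {"name": "x", "move_to": "RSS Feeds",
              "subject_contains": ["payment"], "mark_read": True}},
    {"user": "it@example.com", "action": "new_inbox_rule", "hour": 9,
     "rule": {"name": "Tickets", "forward_to": ["helpdesk@example.com"]}},
    {"user": "cfo@example.com", "action": "login", "hour": 3},
]

def external_targets(rule):
    """Return forward/redirect addresses whose domain is not internal."""
    targets = rule.get("forward_to", []) + rule.get("redirect_to", [])
    return [a for a in targets
            if a.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS]

def score_rule(event):
    """Return the list of reasons a rule-creation event looks suspicious."""
    if event.get("action") != "new_inbox_rule":
        return []
    rule, reasons = event.get("rule", {}), []
    if external_targets(rule):
        reasons.append("external_forward")
    words = {w.lower() for w in rule.get("subject_contains", [])}
    hides = rule.get("delete") or rule.get("mark_read") or rule.get("move_to")
    if words & FINANCE_WORDS and hides:
        reasons.append("hides_finance_mail")
    if reasons and event.get("hour") not in BUSINESS_HOURS:
        reasons.append("off_hours")   # only meaningful alongside another signal
    return reasons

def triage(events):
    """Map each user to the reasons their new rules were flagged."""
    flagged = {}
    for event in events:
        if reasons := score_rule(event):
            flagged.setdefault(event["user"], []).extend(reasons)
    return flagged
```

Rules that forward internally or file non-financial mail are left alone, which keeps the alert volume low enough for a person to review each hit.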

Dark Web Monitoring and Password Policies

In some cases, hackers leverage usernames and passwords acquired in previous data breaches. Because people often use the same password for different accounts, hackers are able to successfully reuse the stolen credentials and gain access to additional accounts. Monitoring the dark web for past and real-time credential compromise will allow you to know exactly when your credentials are up for sale so you can take action before the hackers do.

Hackers also take passwords stolen from personal email accounts and try them against business email. Brute force attacks are also used to successfully take over accounts because people often use very simple passwords that are easy to guess and not often updated. Enforced password policies will ensure that your employees are using unique, complex, and updated passwords. This will prevent new attacks on old passwords and prevent the use of easy-to-guess passwords.

Multi-factor Authentication

A compromised password can lead to unauthorized access by someone who has no business being in your business. Multi-factor authentication technology requires something you have (such as a mobile phone) and something you know (such as a password) to access your network. If a cyber criminal manages to gain access to credentials, with multi-factor authentication they would still have to be validated before logging in to the account. Requiring each user to log in to the network with this extra step ensures that only those you want logging in will be able to do so.

Cybersecurity Awareness Training

It is important to provide regular awareness training so that employees can recognize all types of attacks and know how to report them. Training should include phishing simulation for emails, voicemail, and SMS. Your organization should have processes and technology in place to test the effectiveness of your training and identify the users most vulnerable to attacks. Providing this training will help employees avoid making costly mistakes. Procedures can also reinforce training, such as requiring users to confirm requests that come in by email when making wire transfers or buying gift cards.

Are you prepared to defend against business email compromise? Your current cyber risk rating can help establish a plan to defend against BEC threats and other critical attacks on your organization. Our Cyber Risk Gap Analysis assessment will give you insight into your unique cyber risk rating, which will help you make the best-informed decision on the security improvements or changes needed to defend your organization.