TechGuard Blog

Business Email Compromise: Another Way In

An FBI report revealed that business email compromise (BEC) and/or email account compromise is responsible for over 12 million in fraud losses between October 2013 through May 2018. Hackers are always looking for another way to gain access to private information or steal funds. What could hackers learn about your company from your website and social media in regards to the hierarchy of employees? Consider if employees are posting about time spent out of the office. This type of information is valuable and allows criminals to craft the most authentic-sounding emails. Some may even be able to carry on email conversations that appear legitimate based on information gathered using social engineering techniques. Train your employees to watch for tell-tale signs of business email compromise scams.

Signs to Watch For

Many times, cybercriminals will try to capitalize on the relationship between the CEO and the CFO. For instance, an email requesting a transfer of funds goes from what appears to be the CEO to the CFO. In this instance, the CFO would need to be on high alert in order to prevent the attack. Or, often an employee receives an email that appears to be from Human Resources or from the CEO requesting private information. To gain trust, the email might be formulated using a technique known as "double-barrel phishing" (meaning that one email might go out to lure the respondent and a second email follows with the actual attachment requesting action). The double-barrel technique makes the email appear to be more legitimate.

Additional signs to watch for are attackers who use persuasion and pressure in an email. For example, the email sounds urgent or asks for privacy in regards to the conversation. There are so many styles of schemes that hackers are using to try to compromise business email. Attacks could include invoice schemes and appear to be from third-party vendors. Another attack style might impersonate attorneys requesting private information. Also, the FBI reports that there has been a rise in real estate BEC attacks. Attackers request payments are sent to a new location or to a new party. If the victim falls for it, they are sending money directly to the attackers.


Prevent Business Email Compromise

One of the best things an employee can do when he/she is questioning the authenticity of requests in an email is to confirm the request by physically speaking to the person or by calling the person on the phone to verify that the email request was legitimate. Adhere to a policy requiring a secondary sign-off by appropriate employees for financial requests. Another safety measure is to reply to emails by forwarding them instead of replying to them. If you forward to an email address, you will be more likely to select the authentic email rather than accidentally reply to a spoofed email. Another added security measure is to create intrusion detection system rules that can recognize emails that are very similar to company employees' emails but have slight changes. Flag spoofed emails to prevent employees from opening them.

If you fall victim to a business email compromise, be sure to react promptly. Contact your financial institution immediately if you suspect that you have transferred funds to a fraud account. In addition, contact the FBI's Internet Crime Complaint Center to report any suspicious business email compromises.