Business email compromise (BEC) attacks are one of the
largest cybersecurity risks facing organisations today. In 2018, BEC accounted
for 23% of cyber insurance claims received from Europe, the Middle East and
Africa (EMEA) according to statistics released by AIG*. Furthermore, BEC has resulted in
worldwide losses of at least £21 billion since 2016 according to the FBI in the
USA.
This is clearly a very prevalent issue, but what is it, how
does it work and how can the risk be reduced?
What is it?
BEC is an attack in which the attacker uses compromised email credentials,
or spoofs a legitimate email address, to impersonate a trusted individual and
trick an employee into either making an electronic payment or disclosing sensitive
data.
How does it work?
A BEC scam starts with the attacker researching your company
from your website and other online activity, looking for the names and
positions of people with authority that they can impersonate. They may
even work out who is out of the office that day by sending probe emails and
noting which addresses return an automatic 'out of office' reply.
The attacker then either gains access to the selected individual's email
account, forges the sender address, or registers a lookalike address or domain.
A lookalike address swaps characters that are easy to misread, for example
'j.blogg5@live.com' in place of 'j.bloggs@live.com', so that the recipient does
not notice the difference. An email is then sent to a selected employee containing a
request for money or information.
The same research is also likely to identify the accounting or finance
staff to send the request to, or suppliers the attacker can learn about and
impersonate with an 'urgent' demand for payment.
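The lookalike-address trick described above can be caught mechanically by comparing the sender of every inbound message against a list of trusted contacts after undoing common character substitutions. The following is an added example written for this article, not code from the article or from AIG; the trusted-contact list, the homoglyph table and the sample messages are all constructed for illustration, and the 'live.com' addresses are the ones used in the text above.

```python
"""Lookalike-sender triage for inbound mail (added example, not from the article).

Assumes a small address book of trusted contacts (constructed below) and a
raw From header per message. Three verdicts are produced:
  ok                  - exact match on a trusted address
  lookalike           - address matches a trusted one after homoglyph
                        normalisation, or is within a small edit distance
  name-impersonation  - display name of a trusted contact on an unknown address
  unknown             - nothing matched; treat as a normal external sender
"""
from email.utils import parseaddr

# Digits and letter pairs fraudsters commonly swap because they look alike.
# Applied to both sides of the comparison, so it is a heuristic, not a proof.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "5": "s", "3": "e", "4": "a"})
PAIRS = (("rn", "m"), ("vv", "w"), ("cl", "d"))

# Constructed address book: address -> display name the contact normally uses.
TRUSTED = {
    "j.bloggs@live.com": "Joe Bloggs",
    "finance@acme-supplies.example": "Acme Supplies",
}


def normalise(addr: str) -> str:
    """Lower-case the address and collapse lookalike characters."""
    out = addr.strip().lower().translate(HOMOGLYPHS)
    for pair, single in PAIRS:
        out = out.replace(pair, single)
    return out


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance; small enough that a library is not needed."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(from_header: str, trusted=TRUSTED, max_distance: int = 2):
    """Return (verdict, matched_trusted_address_or_sender)."""
    name, addr = parseaddr(from_header)
    addr = addr.lower()
    if addr in trusted:
        return ("ok", addr)
    norm = normalise(addr)
    for known, known_name in trusted.items():
        known_norm = normalise(known)
        if norm == known_norm or levenshtein(norm, known_norm) <= max_distance:
            return ("lookalike", known)
        if name and name.strip().lower() == known_name.lower():
            return ("name-impersonation", known)
    return ("unknown", addr)


# Constructed sample messages, including the 'j.blogg5' case from the text.
SAMPLE_MESSAGES = [
    {"from": "Joe Bloggs <j.bloggs@live.com>", "subject": "Q3 figures"},
    {"from": "Joe Bloggs <j.blogg5@live.com>", "subject": "URGENT: wire transfer today"},
    {"from": "Joe Bloggs <joe.bloggs.ceo@webmail.example>", "subject": "Need gift cards"},
    {"from": "Acme Supplies <finance@acme-supp1ies.example>", "subject": "Updated bank details"},
    {"from": "Jane Bloggs <jane@example.org>", "subject": "Hello"},
]


def triage(messages=SAMPLE_MESSAGES, trusted=TRUSTED):
    """Map each message to (subject, verdict) so finance staff can be warned."""
    return [(m["subject"], check_sender(m["from"], trusted)[0]) for m in messages]


if __name__ == "__main__":
    for subject, verdict in triage():
        print(f"{verdict:20} {subject}")
```

A verdict of 'lookalike' or 'name-impersonation' is a reason to apply the out-of-band payment verification described later, not a reason to trust the message once a human has 'checked' it by eye; the whole point of the substitution is that eyes miss it.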
What preventative measures can be put in place?
- Multi-factor authentication: this should be required by your IT security
policy for all email accounts, so that a stolen or guessed password alone is
not enough to log in, particularly from a new device or location.
- Employee education: train all employees to identify fraudulent emails. Teach
them to be wary of urgent money requests that do not follow normal procedure,
of spelling or grammatical errors, of sender addresses that differ slightly
from the usual one, and of any communication that is out of the ordinary for
the sender.
- Minimise financial authorisation: the more individuals who are authorised to
process financial transactions, the greater the chance that one of them is
tricked into sending funds. Those who remain authorised should receive
additional training.
- Verify payment requests: have a two-step verification process in place for
all financial transactions and for any change to a supplier's bank details.
For example, confirm the request over the phone or in person as well as by
email, using a number already on file rather than one supplied in the request
itself, since an attacker who wrote the email also controls any contact
details it contains.
What now?
Do you know what you would do if you were to fall victim to a
BEC incident? A cyber liability insurance policy will provide the services and
support to help you deal with the incident and also help mitigate the costs
involved.
If you would like further information regarding this or
other cyber security risks, then please call 03330431133 and speak to one of
our team who would be happy to help.
*https://www.aig.co.uk/content/dam/aig/emea/regional-assets/documents/aig-cyber-claims-2019.pdf