How do you defend your business against business email compromise?
In a nutshell, business email compromise (BEC) is a broad category of cyberattack that uses email-based fraud to obtain access to sensitive and valuable business information. In a typical BEC attack, a cybercriminal poses as the victim’s superior (e.g., a manager or CEO) or a trusted party (e.g., business partner). The email directs the recipient to either share important information or it can tell the victim that a payment must be made to a new account.
Other forms of BEC campaigns involve credential phishing. To illustrate, an email that appears to come from your cloud service provider may urgently require you to verify instances of new devices logging into your account. When you click the link, it leads you to a fake login page that steals your account credentials when you enter them.
Once the cybercriminal gets your username and password, they’ll access your account and lock you out of it by changing the username and password. They can then proceed to copy critical data, lock files using ransomware, or utilize the account to commit even more cybercrimes.
BEC is such a pervasive cybercrime that Americans lost $1.7 billion to it in 2019. And when COVID-19 flared up in 2020, cybercriminals launched pandemic-themed email fraud campaigns to turn a bad situation even worse.
How can you spot business email compromise?
One of the telltale signs of a BEC attack is the high degree of urgency in the email. To illustrate, project updates must be given to a manager ASAP so that an impromptu meeting with an industry hotshot may snag an investment. Missed invoice payments will incur hefty penalties, and unaddressed account breaches may result in customer data being stolen.
Another red flag is that the email is not something that you usually receive from the sender, or it does not follow normal protocols. For instance, does the sender typically ask for sensitive information over email? Do the requests to change the account for receiving wire transfers follow normal procedure?
Deciding to respond to suspicious emails should be like deciding whether or not leftovers are still safe to eat: when in doubt, don’t. Call or use an alternative form of communication to reach the purported sender and confirm if they indeed sent the email you received. No matter how urgent the email appears to be, take the time to obtain confirmation — never grant a dubious email request without it.
What are the steps to take when you suspect you’ve received a malicious email?
It is best to always confer with your IT team on the proper procedure for dealing with BEC attacks. Immediately deleting the offensive email will not stop the sender from emailing you or your colleagues — you’ll want to at least have the email blacklisted. And if an email service provider allows you to report suspicious emails, do not hesitate to do so. Many top-tier emailing platforms encourage users to report questionable emails as this helps the platform developers create better safeguards for users.
What if you or your staff still fall for BEC attacks?
Considering how cybercriminals are growing sneakier by the day, the risk of being fooled by BEC campaigns only grows. Therefore, it’ll be good to implement preemptive measures that will protect company accounts from being compromised.
For example, phishing emails steal user credentials, but if your accounts are protected by multifactor authentication (MFA), then it’ll be much harder for cybercriminals to access your data. Therefore, it is wise to implement MFA and other cloud-based security measures.
And when you realize that you may have indeed been tricked by a fraudulent email, change the access credentials of affected accounts and report the incident immediately. For all you know, you weren’t the only victim. Therefore, alerting your IT team of a BEC attack helps them implement the necessary protective measures across your department or even the entire organization.
Business email compromise and countless other cyberthreats put your business at risk. When it comes to your cloud-based resources, let SimplyClouds help you protect these. Contact us today to discover what we can do for you.
Categories: Cloud security, Cybersecurity