Best Practices to Thwart Business Email Compromise (BEC) Attacks - ViralMula.com

Business email compromise (BEC) refers to email attacks that carry no malicious payload: no infected attachment and no link to malware. Although the scams take many forms, attackers penetrate organizations using BEC techniques through essentially two mechanisms: spoofing and account takeover.

In a recent study, 71% of organizations acknowledged they had seen a business email compromise (BEC) attack during the past year. Forty-three percent of organizations experienced a security incident in the last 12 months, with 35% stating that BEC/phishing attacks account for more than 50% of the incidents.

The FBI’s Internet Crime Complaint Center (IC3) reports that BEC scams were the most costly category of cyberattack in 2020, with 19,369 complaints and adjusted losses of approximately $1.8 billion. Recent BEC attacks include a spoofing attack on Shark Tank host Barbara Corcoran, who lost $380,000; the attacks on the Puerto Rican government, which amounted to $4 million; and the attack on Japanese media giant Nikkei, which transferred $29 million based on instructions in a fraudulent email.

To thwart a BEC attack, an organization must focus on the Golden Triangle: the alignment of people, process, and technology. Read on to discover best practices every organization should follow to mitigate BEC attacks.

Process

The finance department in every organization has an expenditure authorization policy in place. This policy establishes clear approval levels for any expenditures/payments to safeguard the company’s assets.

While all expenditures/payments should be part of an approved budget, this policy provides a tool for the finance department to ensure that each payment is authorized by the right individual or individuals based on the amount.

In some cases, the CEO or president of a company is granted unlimited authority when it comes to requesting payments. Cybercriminals realize this, which is why they spoof the email accounts of high-level individuals.

Given the current cybersecurity landscape, the finance department should re-evaluate this policy to put stricter processes in place. This may mean requiring multiple authorizations for major expenditures paid via check, wire transfer, or any other channel to ensure the payment request is legitimate. It may also spell out how electronic authorizations are obtained.

For example, if someone in the finance department receives an email from the CEO requesting a wire transfer, the administrator processing the request is required to follow company policy to obtain additional approvals, including emailing a pre-approved distribution list to gain electronic approvals and confirming the request by phone. The expenditure amount dictates who must sign and co-sign; the thresholds are set by your organization’s risk appetite, that is, how much your company is willing to lose.

As a member of the IT team, you should speak with the finance department to explain how BEC and other spoofing attacks happen. Provide real-life examples of recent BEC attacks and brainstorm what your company would do differently to thwart them. Based on these examples, the finance department should re-evaluate the current policy with spoofing and BEC in mind. This may mean that the Chairman of the Board, CEO, or company president cannot be the sole signatory on major expenditures, with the threshold amount again set by your company’s risk appetite.

Once the process is established in the expenditure authorization policy, the company must ensure that its people are trained to follow the policy, without exception.

People

All company employees must be trained to recognize what a cybersecurity attack looks like, what to do, and what not to do. Because the threat landscape changes so rapidly, this training should be delivered on an ongoing basis.

Employees in the finance department – or anyone who is authorized to disburse funds in any form – should be trained on what BEC and other spoofing attacks look like.

Emphasize that many of these attacks arrive as emails that appear to come from high-level executives; they tend to be “urgent” requests, and sometimes the request is sent minutes before the close of business and demands immediate payment. With this training, plus the requirement that all employees follow the expenditure authorization policy, your company should be able to stop BEC attacks.

Many companies purchase insurance to cover these BEC losses, but no organization can be certain that the carrier will pay. For example, trading firm Virtu Financial Inc. lost $6.9 million in a BEC scam, but its insurer, Axis Insurance, has refused to pay, claiming “the unauthorized access into Virtu’s computer system was not the direct cause of the loss, but rather, the loss was caused by separate and intervening acts by employees of Virtu who issued the wire transfers because they believed the ‘spoofed’ email asking for the funds to be transferred to be true.” Virtu Financial Inc. has filed a complaint against Axis Insurance for allegedly breaching the contract by refusing to provide coverage for the cyberattack.

Technology

Next-generation, advanced cybersecurity technology can help block email threats of every kind, including spam, phishing, BEC and follow-on attacks, advanced persistent threats (APTs), and zero-day attacks that exploit unpatched vulnerabilities, all before the threat reaches end-users.

These types of solutions include:

  • An anti-spam engine that blocks malicious communications with anti-spam and reputation-based filters.
  • An anti-phishing engine to detect malicious URLs and prevent any type of phishing attack before it reaches end-users.
  • An anti-spoofing engine to prevent payload-less attacks such as spoofing, look-alike domains, and display name deception.
  • Anti-evasion technologies that detect malicious hidden content by recursively unpacking the content into smaller units (files and URLs) which are then dynamically checked by multiple engines in seconds.
  • Machine intelligence (MI) and natural language processing (NLP) to check for aberrations from the norm in content and context, such as identifying an abnormal writing style, key words that may signify malicious activity, strange IP addresses, geo locations, timing, etc.
  • Detection to prevent advanced threats and zero-day attacks.
  • Ad-hoc email analysis for end-users to identify suspicious emails before taking reckless action.
  • End-user contextual help to flag emails with customizable banners based on policies and rules to provide end-users with additional contextual information and increase their security awareness.

The solution should also be able to detect and stop spoofing and account take-over attacks, in which a cybercriminal gains access to a legitimate email account and uses it to move further into the organization.
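The anti-spoofing checks listed above (look-alike domains and display-name deception) can be illustrated with a small classifier run over From: headers. This is an added example, not code from the article or from any vendor product; the protected domain, the executive list and the sample headers are constructed assumptions.

```python
import unicodedata
from email.utils import parseaddr

# Constructed assumptions for the example: the protected domain and the
# executives whose names attackers most often borrow (name -> mailbox).
ORG_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com"}

# Constructed sample From: headers (not real messages).
SAMPLE_HEADERS = [
    'From: "Jane Doe" <jane.doe@example.com>',   # legitimate executive mail
    'From: "Jane Doe" <jane.doe@gmail.com>',     # executive name, outside mailbox
    'From: "Jane Doe" <jane.doe@examp1e.com>',   # digit 1 standing in for l
    'From: "Jane Doe" <jane.doe@еxample.com>',   # first e is Cyrillic U+0435
]

# Common confusable characters folded to the ASCII letter they imitate.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "ı": "i", "а": "a",
                             "е": "e", "о": "o", "р": "p", "с": "c"})

def normalize_domain(domain):
    """Lower-case, apply Unicode compatibility folding, then map confusables."""
    return unicodedata.normalize("NFKC", domain.lower()).translate(CONFUSABLES)

def edit_distance(a, b):
    """Levenshtein distance; catches domains one or two typos away from ours."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_from(header):
    """Label one From: header line (ok, internal-mismatch, lookalike-domain, ...)."""
    name, addr = parseaddr(header.split(":", 1)[1].strip())
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    if domain == ORG_DOMAIN:
        # Internal sender: an executive's name must map to that executive's mailbox.
        return "ok" if EXECUTIVES.get(name.lower(), addr) == addr else "internal-mismatch"
    if normalize_domain(domain) == ORG_DOMAIN or edit_distance(domain, ORG_DOMAIN) <= 2:
        return "lookalike-domain"
    if name.lower() in EXECUTIVES:
        return "display-name-deception"
    return "external"

def scan(headers):
    """Classify every header; anything but ok/external deserves a warning banner."""
    return [classify_from(h) for h in headers]
```

A production gateway would feed these labels into the banner and quarantine policies described above rather than printing them.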

Final Thoughts

The sophistication of these attacks is why businesses and managed service providers (MSPs) choose to use Acronis Cyber Protection solutions. With a unique combination of machine intelligence (MI), automation, and integration, this all-in-one cyber protection solution is designed to help lower business risk and improve productivity, regardless of how data loss occurs.


