In August 2020, the United States Department of Justice announced that a citizen from Ghana had been extradited to the U.S. in connection with a coordinated fraud scheme responsible for hundreds of thousands of dollars in losses. At the center of the allegations was a business email compromise (BEC) attack targeting a Memphis real estate group.
While this dramatic scenario highlights some of the complexities and risks associated with sophisticated BEC campaigns, the real threat is more common than you might think.
What is business email compromise?
BEC attacks are coordinated fraud campaigns that attempt to exploit specific business targets, often for financial gain.
A BEC scam may target individuals who work in finance or accounting to convince them to transfer funds through an illegitimate channel controlled by the perpetrators.
As the name implies, business email compromise can be carried out by taking over an individual’s email account. However, account takeover is not the only technique that may be deployed during a BEC attempt.
BEC and other cyber threats
The FBI has identified other tactics that criminals might use to execute a BEC attack. These include spoofing, spear-phishing and malware.
Spear-phishing — or targeted, fraudulent communications — and malware — which could include applications that harvest information — are techniques that can be used to facilitate account takeover, or they can be used for spying. Even if the scammers aren’t able to hijack an email account, by gaining access to internal company data, they can gather private information that will help them craft even more deceptive communications.
Whether accomplished through an account takeover or spoofing — the act of using an email address or website URL imitating a trusted connection — BEC attackers can then convince individuals to comply with their demands, such as initiating a wire transfer or handing over further information.
Business email compromise and remote work
In March 2020, the Better Business Bureau reported that the rapid transition to remote work could increase the risk of cybersecurity incidents. The organization highlighted business email compromise as one of these potential threats. Why? There’s a couple of reasons.
- First of all, current events are often exploited by scammers during their initial outreach. Workers expected disruption as the pandemic unfolded, and sometimes they didn’t keep their guard up.
- Secondly, even those who would have been skeptical of a COVID-19 pitch may have been likely to follow the scammer’s instructions if they received a communication from their boss’s actual email address.
- In addition to these issues, home networks often lack the robust security standards found in corporate offices, and individuals may sometimes work from their personal devices, too. When laptops are connected to an unsecured public network for teleworking, the risks multiply. Eavesdropping and malware are common threats in these environments.
How to handle business email compromise
Using secured networks and updated antivirus software are some of the first steps you can take to prevent BEC attacks from gaining a foothold. In addition, you should look out for the warning signs of a BEC campaign and report the activity if you suspect you’ve encountered an attempt.
Spot the signs of BEC
As a recent Microsoft article pointed out, creating a sense of urgency is one of the telltale signs of a BEC attempt. Before you click on any links, check the URL in the preview text for signs of a spoofing attempt. Review the sender address, too. If you’re still suspicious, call the supposed sender through a known, legitimate number, or talk to them face to face about the issue.
Report BEC campaigns
In addition to flagging potential issues with internal departments at your company, you should consider alerting your bank and contacting an FBI field office as well as the Internet Crime Complaint Center.
Find out more about how Total Defense can help you stay safe while working from home.