4 mins read

Best Practices to Prevent Business Email Compromise

“FBI reports state that BEC (Business Email Compromise) is the most financially
devastating cyberattack, accounting for nearly $1.8B in losses.”

Business Email Compromise (BEC), as the name suggests, is a form of cybercrime in which attackers impersonate company personnel or vendors to commit wire transfer fraud.

This scam exposes a business to severe financial loss and can cost it millions of dollars. The attack relies on spoofed or hacked email accounts that impersonate trusted senders and ask the recipients to make wire payments or purchases under false pretenses.

Some Of The Most Widespread Business Email Compromise Scams

  • Gift Card Scams
    Cybercriminals ask senior-level personnel or administrators to buy gift cards for some stated purpose, then request the card numbers and PINs, which can be redeemed online.

  • Payroll Diversion
    Fraudulent emails posing as company employees are sent to the accounting or HR department, requesting last-minute changes to direct deposit details.

  • Vendor Email Compromise
    Attackers use stolen credentials to gain unauthorized access to a corporate email account, read the earlier mail conversations, and then send convincing emails asking employees to settle payment invoices.

  • Transaction Diversion
    Here the fraudsters target large firms, law offices, and real estate businesses that routinely handle large transactions, and monitor their email conversations. Instructions are then sent to the purchasing party to wire funds to an account controlled by the impostors.

  • Aging Financial Accounts Scams
    Fraudsters identifying themselves as senior executives request a company's aging accounts receivable report and use that information to target the company's customers with payment requests on legitimate, past-due invoices.

These are a few of the business email compromise types that enterprises and users must be aware of; every payment transaction should be validated before it is made.

BEC cybercrime has been proliferating at an alarming rate and will keep expanding if no steps are taken to mitigate its risks. So let's shift our focus to some preventive measures against such compromises.

Effective Ways to Mitigate BEC Risks and Attacks

Set Up DMARC Protection
With readily available tools and software, anyone can assume another person's identity and send deceitful emails, and email impersonation is found to account for more than half of Internet-related business losses.

DMARC (Domain-based Message Authentication, Reporting, and Conformance) helps organizations prevent this from happening and lowers the chances of phishing and spoofing emails penetrating your business network.

This is done by:

  • publishing an SPF record, which tells receiving servers which mail servers are authorized to send email for your domain
  • using DKIM signatures, which let receivers verify that a message was not forged or altered in transit
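A DMARC record only protects a domain when its policy (the p= tag) actually tells receivers to reject failing mail, and an SPF record only helps when its final "all" mechanism fails unlisted senders. The following script is an added example, not part of the original article: it audits SPF and DMARC TXT records for those weak settings, using constructed records for two hypothetical domains in place of live DNS lookups.

```python
import re

# Constructed sample records for hypothetical domains, standing in for live DNS TXT lookups.
SAMPLE_TXT = {
    "weak.example": {
        "spf": "v=spf1 include:_spf.mailhost.example ~all",
        "dmarc": "v=DMARC1; p=none; pct=50",
    },
    "strong.example": {
        "spf": "v=spf1 ip4:203.0.113.10 include:_spf.mailhost.example -all",
        "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc@strong.example; pct=100",
    },
}

def parse_dmarc(record):
    """Split 'tag=value; tag=value' into a dict; tag names are case-insensitive."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def audit_domain(spf, dmarc):
    """Return a list of findings; an empty list means no obvious weakness."""
    findings = []
    # The qualifier on 'all' decides how unlisted senders are treated:
    # '-all' fails them, '~all' only softfails, '?all' and '+all' let them through.
    m = re.search(r"(?:^|\s)([-~?+]?)all(?:\s|$)", spf)
    if not spf.lower().startswith("v=spf1") or m is None:
        findings.append("SPF record missing, malformed or without an 'all' mechanism")
    elif m.group(1) in ("", "+", "?"):
        findings.append(f"SPF '{m.group(1)}all' permits any sender")
    elif m.group(1) == "~":
        findings.append("SPF uses softfail (~all); spoofed mail is not rejected")
    tags = parse_dmarc(dmarc)
    if tags.get("v", "").upper() != "DMARC1":
        findings.append("DMARC record missing or malformed")
    else:
        policy = tags.get("p", "").lower()
        if policy != "reject":
            findings.append(f"DMARC policy is p={policy or 'unset'}; spoofed mail is not rejected")
        if int(tags.get("pct", "100")) < 100:
            findings.append(f"DMARC applies to only {tags['pct']}% of mail")
        if "rua" not in tags:
            findings.append("DMARC has no rua= address, so no aggregate reports arrive")
    return findings

def audit_all(records=SAMPLE_TXT):
    return {domain: audit_domain(r["spf"], r["dmarc"]) for domain, r in records.items()}
```

To audit real domains, replace SAMPLE_TXT with the TXT records fetched for `yourdomain` and `_dmarc.yourdomain`.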

Be Wary of Slight Changes in Email Addresses and Accounts
It is very important to notice changes in the domain name or email platform from which you receive messages, as even a slight change may indicate a phishing attempt.

Small alterations can produce fraudulent addresses that look legitimate and are easily missed by the eye. Individual letters and digits (lowercase versus uppercase, swapped look-alike characters, font tricks) must be checked carefully to detect such tricks.

Furthermore, any email concerning a financial matter or a change of email address must first be verified with the vendor company or associated partner, through a channel other than the email itself, before acting on it.
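A mail gateway or SOC script can do the "look closely at the address" check automatically. This added example (not code from the original article) normalizes a sender's domain, collapsing case, accents and common look-alike substitutions such as "rn" for "m", and then compares it against a constructed allow-list of hypothetical vendor domains using edit distance, so that near-misses are flagged for verification.

```python
import unicodedata

# Constructed allow-list of trusted vendor domains (hypothetical names).
TRUSTED_DOMAINS = {"acme-supplies.example", "northwind.example"}

# Visual substitutions that lookalike domains commonly rely on.
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}

def canonical(domain):
    """Lower-case, strip accents (e.g. 'é' -> 'e') and collapse homoglyph swaps."""
    text = unicodedata.normalize("NFKD", domain.lower())
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    for fake, real in HOMOGLYPHS.items():
        text = text.replace(fake, real)
    return text

def edit_distance(a, b):
    """Levenshtein distance via the classic dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(address, trusted=TRUSTED_DOMAINS, max_distance=2):
    """Return ('trusted', domain), ('lookalike', imitated domain) or ('unrelated', None)."""
    domain = address.rsplit("@", 1)[-1].lower()
    if domain in trusted:
        return ("trusted", domain)
    canon = canonical(domain)
    for good in trusted:
        # A small edit distance after normalization means the domain imitates a trusted one.
        if edit_distance(canon, canonical(good)) <= max_distance:
            return ("lookalike", good)
    return ("unrelated", None)
```

Anything classified as "lookalike" should be held for the out-of-band verification described above rather than delivered as routine mail.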

Monitor the Email Exchange Server for Manipulations
This means keeping a check on configuration changes and custom rule changes for specific email accounts. To keep the system protected, set up rules that raise alerts on any update or manipulation made to your system.

It is also recommended to run change management against documented processes on a scheduled basis.
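Mailbox rule changes are worth alerting on because a compromised account is often given rules that forward mail outside the organization or silently delete finance-related messages. This added example (not from the original article) shows that detection logic run over a constructed audit log in a hypothetical JSON-lines format; the field names and the internal domain are assumptions.

```python
import json

INTERNAL_DOMAINS = {"corp.example"}  # constructed: the organisation's own mail domains
FINANCE_TERMS = {"invoice", "wire", "payment", "bank", "remittance"}

# Constructed audit events in a hypothetical JSON-lines format, one mailbox-rule change per line.
AUDIT_LOG = """\
{"ts": "2024-03-04T08:02:11Z", "user": "ap.clerk@corp.example", "op": "rule_created", "rule": {"name": "Archive 2023", "forward_to": [], "delete": false, "subject_contains": []}}
{"ts": "2024-03-04T08:05:40Z", "user": "ap.clerk@corp.example", "op": "rule_created", "rule": {"name": ".", "forward_to": ["collect@mail.example"], "delete": true, "subject_contains": ["invoice", "wire", "payment"]}}
{"ts": "2024-03-04T08:07:02Z", "user": "cfo@corp.example", "op": "rule_modified", "rule": {"name": "Newsletters", "forward_to": [], "delete": false, "subject_contains": ["newsletter"]}}
"""

def rule_findings(rule):
    """Return the reasons a single rule looks like attacker persistence, if any."""
    reasons = []
    external = [a for a in rule.get("forward_to", [])
                if a.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS]
    if external:
        reasons.append(f"auto-forwards to external address {', '.join(external)}")
    hits = FINANCE_TERMS & {s.lower() for s in rule.get("subject_contains", [])}
    if rule.get("delete") and hits:
        reasons.append(f"deletes messages mentioning {', '.join(sorted(hits))}")
    name = rule.get("name", "")
    if len(name.strip()) <= 1:
        reasons.append(f"rule name {name!r} is easy to overlook")
    return reasons

def alerts_from_log(log=AUDIT_LOG):
    """Parse each audit line and keep only rule changes with at least one finding."""
    alerts = []
    for line in log.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        if not event.get("op", "").startswith("rule_"):
            continue
        reasons = rule_findings(event["rule"])
        if reasons:
            alerts.append({"ts": event["ts"], "user": event["user"],
                           "rule": event["rule"]["name"], "reasons": reasons})
    return alerts
```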

Enable Multi-Factor Authentication for Email Accounts
Multi-factor authentication (MFA) adds a further layer of security to email accounts. In addition to verifying the username and password, other factors must be checked and validated before the login succeeds.

MFA ensures that attackers must also have something else in their possession (a phone, hardware key, device, fob or authentication app) to access your email; otherwise their attempts to break in will fail.

Flag External Emails
Emails coming from outside the organization can be tagged as external by a mail rule so that they are easily identified without even studying the 'from' field. Email administrators can enable this setting.

Furthermore, employees must be taught to recognize such tagged emails and to know what actions to take when they receive external messages.

Review the Use of Legacy Email Protocols
Old protocols that are still used for email access can be exploited by attackers with modern tools and techniques. Legacy protocols deployed in the system are easy to attack, especially as many of us reuse credentials across different platforms.

This gives cybercriminals an opening to take databases of stolen credentials and attempt to log on to software systems with the reused credentials.

Be Aware: BEC Has Potentially Severe Consequences

Business email compromise is a criminal phenomenon that must be handled with strenuous care and awareness, or such attacks will continue to rise and companies will keep falling victim.

If you follow all the best practices for securing your email network but still feel unsure about the security of your business IT infrastructure, consider professional IT Security Services from CodeGlo, which provide fully managed security operations covering enterprise-wide security, risk prevention, and mitigation.