What Is a BEC Scam and How Do Criminals Carry It Out?
Business email compromise (BEC) is the fastest-growing cyber crime, causing over $1.86 billion in losses annually. BEC emails imitate the routine messages company employees receive every day. The layout differs only slightly from the genuine article, and the similarities are so numerous that employees are easily fooled: they authorize a payment or open an attachment that releases malware onto the company’s server. From there the problem escalates into ransomware attacks, large sums sent to fake parties, and employee dismissals or heavy losses for the company.
Social engineering scams
BEC crimes are social engineering scams: victims are easily persuaded to disclose confidential information to the attackers. An employee answering hundreds of emails a day will not notice a minor spelling mistake or a changed logo on a busy day. Attackers exploit this carelessness and inability to spot small differences to carry out fraud. Using the right technologies to combat BEC and providing encrypted email for employees helps control the problem, and properly training employees about the implications of such scams is also beneficial.
Imposter email scams
An accountant receives an unexpected email from the CEO or a senior officer asking them to transfer money to a particular account. A supplier informs the company of a changed bank account number or an updated email address and asks that invoices and payments be sent there instead. These emails look normal at first glance, but they were sent by attackers who will receive the funds the employee transfers. On close examination, the employee will notice discrepancies in the sender’s email address.
Malware data collection scams
Business email compromise begins when a company or an executive is targeted personally and all their details are collected through social engineering techniques. Their email and contact list are stolen from the company database or gathered from their social networks on the internet. The attacker can extract money through the employee only if they know what sort of emails the employee receives daily and from whom, and they collect this information through malware or other phishing and spoofing methods.
Businesses must invest heavily in securing their databases to prevent such scams and leakage of employee and supplier details. Cybercriminals typically create a fake domain, steal data from weak points in the company’s security, and use that information to connect the dots. There are five crucial steps every business must take to prevent BEC scams.
Employee education to avoid CEO fraud scams
Train employees in high-level email and data security through a suitable company. Teach them to trust their instincts and to cross-check any new request for a money transfer or an account number change directly with the person concerned. Train employees to stay alert at all times while handling money or documents containing sensitive information.
CEO fraud is the most common type of BEC fraud: an urgent email from the CEO requests sensitive data about an employee, an important document, or a sudden money transfer. Employees receiving such a request must consider whether the CEO would actually need these details and cross-check the sender’s details. The differences are minor, such as a spelling mistake or a sender name with a doubled letter in “Smith” or a zero in place of the letter o, as in “R0bert”.
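The sender checks described above (a doubled letter, a zero in place of an o, a familiar name on an unfamiliar address) can be automated at the mail gateway. The following is an added example, not code from the article: a Python checker that folds common homoglyph substitutions, compares the From address and display name against a company directory, and flags lookalike domains and a Reply-To that leads somewhere else. The directory, the trusted domain and the sample messages are constructed for illustration.

```python
"""Flag lookalike sender identities in inbound mail.

Added example (not from the article). The executive directory, trusted
domains and sample messages below are constructed for illustration.
"""
import difflib
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed directory of people whose identity is worth impersonating.
KNOWN_SENDERS = {
    "robert.smith@example.com": "Robert Smith",
    "jane.doe@example.com": "Jane Doe",
}
# Constructed set of domains the company actually sends mail from.
KNOWN_DOMAINS = {"example.com"}

# Digit-for-letter substitutions attackers use to make an address look real.
CONFUSABLES = str.maketrans("0135", "oles")


def normalize(text):
    """Fold common homoglyph tricks so 'R0bert Smitth' compares equal to
    'robert smith'."""
    text = text.lower().replace("rn", "m").replace("vv", "w")
    text = text.translate(CONFUSABLES)
    return re.sub(r"(.)\1", r"\1", text)  # collapse doubled characters


def assess_sender(raw_message):
    """Return a list of findings for the From/Reply-To headers; empty means clean."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    if addr in KNOWN_SENDERS:
        return []  # exact match against the directory

    findings = []
    norm_addr = normalize(addr)
    for known_addr, known_name in KNOWN_SENDERS.items():
        if norm_addr == normalize(known_addr):
            findings.append(f"address {addr} is a lookalike of {known_addr}")
        elif display and normalize(display) == normalize(known_name):
            findings.append(
                f"display name '{display}' matches {known_name} but "
                f"address {addr} is not in the directory"
            )
    if domain not in KNOWN_DOMAINS:
        for known_domain in KNOWN_DOMAINS:
            ratio = difflib.SequenceMatcher(
                None, normalize(domain), normalize(known_domain)).ratio()
            if ratio >= 0.8:
                findings.append(
                    f"domain {domain} resembles {known_domain} (similarity {ratio:.2f})")
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_to and reply_to.rpartition("@")[2] != domain:
        findings.append(f"Reply-To {reply_to} points outside the From domain {domain}")
    return findings


# Constructed sample messages.
SAMPLE_LEGIT = (
    'From: "Robert Smith" <robert.smith@example.com>\n'
    "Subject: Q3 figures\n\nAttached as discussed.\n"
)
SAMPLE_HOMOGLYPH = (
    'From: "Robert Smith" <r0bert.smith@example.com>\n'
    "Subject: Urgent wire\n\nPlease transfer today.\n"
)
SAMPLE_FREEMAIL = (
    'From: "Robert Smith" <ceo.robert@gmail.com>\n'
    "Subject: Urgent wire\n\nI am in a meeting, need this done now.\n"
)
SAMPLE_LOOKALIKE_DOMAIN = (
    'From: "Jane Doe" <jane.doe@examp1e.com>\n'
    "Reply-To: finance@mail-examp1e.com\n"
    "Subject: Updated bank details\n\nUse the new account for all invoices.\n"
)

if __name__ == "__main__":
    for name, sample in [("legit", SAMPLE_LEGIT), ("homoglyph", SAMPLE_HOMOGLYPH),
                         ("freemail", SAMPLE_FREEMAIL), ("lookalike", SAMPLE_LOOKALIKE_DOMAIN)]:
        print(name, assess_sender(sample) or ["clean"])
```

A gateway rule would route any message with findings to a quarantine or tag it for the recipient rather than block it outright, since the normalization is deliberately aggressive (it also folds genuine doubled letters) and a human still has to make the callback the article recommends.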
Handling discrepancy scams with machine learning bots
Employees must never forward or send essential documents without confirming, at all costs, that they reach only authorized personnel. Employees must be trained to notice differences in sentence structure, date or time, and other minor changes in requests from their regular contacts. Companies must provide high-end encrypted email for all employees and keep the data secure.
Filtering fake domains with authentication
Every company should have a specific email template that all suppliers and other third-party contacts must use, and employees must reject ad hoc, customized requests that do not arrive in the approved template. BEC protection providers use DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) to enforce this sender template. DKIM checks every email to confirm that it actually comes from the supplier’s real domain.
Some scammers impersonate the company’s lawyer or attorney and ask HR or newer employees for data about key employees. They do this to steal data and obtain important employee and supplier email addresses. Domain verification and SPF go a long way toward preventing such scams: even if the scammers obtain the email addresses, they will not have access to the actual template. In addition, automated bots spot discrepancies in location and domain and filter suspicious emails automatically.
Auto-detection of secure elements
DMARC (Domain-based Message Authentication, Reporting and Conformance) tracks whether an email comes from the genuine sender. It does this through domain and location verification and digital signature authentication to ensure that emails do not come from fraudsters. When an employee’s email account is compromised, attackers can have funds sent to their chosen account without authorization. DMARC helps enormously in preventing this, because no approval is granted without a digital signature. Many fake invoice scams can be controlled using DMARC.
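SPF, DKIM and DMARC, as discussed in the last two sections, reduce to one question a receiving server can answer mechanically: did an authenticated identifier (the SPF envelope domain, which is what the sender’s IP address was checked against, or the DKIM signing domain) match the domain in the visible From header? The block below is an added example and not the article’s own material. It parses the Authentication-Results header a real mail server stamps on inbound mail and applies DMARC’s relaxed and strict alignment rules. The domains and messages are constructed, and org_domain() is a simplified stand-in for the Public Suffix List lookup used in practice.

```python
"""Check SPF/DKIM results and DMARC identifier alignment for a message.

Added example (not from the article). It reads the Authentication-Results
header a receiving mail server writes and decides whether the authenticated
domain actually aligns with the visible From domain, which is what DMARC
requires. The domains and messages are constructed; org_domain() is a
simplified stand-in for the Public Suffix List lookup real DMARC uses.
"""
import re
from email import message_from_string
from email.utils import parseaddr


def org_domain(domain):
    """Organizational domain, approximated as the last two labels
    (assumption: no multi-label public suffixes such as co.uk)."""
    labels = domain.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def parse_auth_results(header):
    """Parse 'authserv; method=result prop=value ...' clauses into
    (method, result, {prop: value}) tuples."""
    results = []
    for clause in header.split(";")[1:]:  # first element is the authserv-id
        clause = clause.strip()
        m = re.match(r"(\w+)=(\w+)(.*)", clause, re.S)
        if not m:
            continue
        method, result, rest = m.groups()
        props = dict(re.findall(r"([\w.]+)=(\S+)", rest))
        results.append((method.lower(), result.lower(), props))
    return results


def dmarc_alignment(raw_message, strict=False):
    """Return a verdict dict: which authenticated identifiers align with the
    From domain, and whether the message would pass DMARC."""
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()

    def aligned(candidate):
        candidate = candidate.rpartition("@")[2].lower()  # may be a full address
        if not candidate:
            return False
        if strict:
            return candidate == from_domain
        return org_domain(candidate) == org_domain(from_domain)

    verdict = {"from_domain": from_domain, "spf_aligned": False, "dkim_aligned": False}
    for method, result, props in parse_auth_results(msg.get("Authentication-Results", "")):
        if result != "pass":
            continue  # a failed or absent SPF/DKIM check can never align
        if method == "spf" and aligned(props.get("smtp.mailfrom", "")):
            verdict["spf_aligned"] = True
        elif method == "dkim" and aligned(props.get("header.d", "")):
            verdict["dkim_aligned"] = True
    verdict["dmarc_pass"] = verdict["spf_aligned"] or verdict["dkim_aligned"]
    return verdict


# Constructed messages, as seen after the receiving server has stamped them.
MSG_GENUINE_VENDOR = (
    "Authentication-Results: mx.example.com; "
    "spf=pass (203.0.113.5 is a permitted sender for vendor-corp.com) "
    "smtp.mailfrom=vendor-corp.com; "
    "dkim=pass header.d=vendor-corp.com header.s=sel1\n"
    "From: Accounts Payable <ap@vendor-corp.com>\n"
    "Subject: Invoice 1042\n\nInvoice attached.\n"
)
# The attacker's own domain authenticates fine; only the visible From is spoofed.
MSG_SPOOFED_VENDOR = (
    "Authentication-Results: mx.example.com; "
    "spf=pass smtp.mailfrom=bounce.attacker-mail.net; "
    "dkim=pass header.d=attacker-mail.net header.s=k1\n"
    "From: Accounts Payable <ap@vendor-corp.com>\n"
    "Subject: Updated bank details\n\nPlease pay to the new account.\n"
)
# Signed by a subdomain: passes relaxed alignment, fails strict.
MSG_SUBDOMAIN_SIGNED = (
    "Authentication-Results: mx.example.com; spf=none; "
    "dkim=pass header.d=mail.vendor-corp.com header.s=sel2\n"
    "From: Accounts Payable <ap@vendor-corp.com>\n"
    "Subject: Statement\n\nStatement attached.\n"
)

if __name__ == "__main__":
    for label, msg in [("genuine", MSG_GENUINE_VENDOR), ("spoofed", MSG_SPOOFED_VENDOR),
                       ("subdomain", MSG_SUBDOMAIN_SIGNED)]:
        print(label, dmarc_alignment(msg))
```

The spoofed-vendor sample is the case the article warns about: both SPF and DKIM report pass, because the attacker controls the domain that was authenticated, yet neither identifier aligns with vendor-corp.com, so the message fails DMARC and can be quarantined before it reaches accounts payable.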
Business gateway breach scams
Investing in proper employee training and these technologies keeps the data secure, has bots filter out BEC emails, and keeps employees alert. BEC-combating technologies work with intelligent automated bots that build up extensive knowledge through machine learning. They detect BEC tactics by analyzing numerous frauds and learn automatically from new phishing schemes. The bots know about many possible scams and separate legitimate business email from imposter emails.
These technologies analyze every business email to check that the body follows the template and that it carries no malicious attachments. They also check the header and the sender’s IP address to confirm that the message really comes from the original person, and run general spam checks. Sometimes Email Account Compromise (EAC) originates from a third-party site.
A vendor or supplier dealing with the company falls prey to attackers, and the cybercriminals take control of its genuine email ID. EAC can lead to problems such as overuse of credit cards or payment methods, running up credit card debt, or wiping out bank accounts. EAC is closely linked to BEC, because the real motive behind hacking a small, vulnerable vendor’s email is to target its large client company.