Blog

by TRICOM

Cybercriminals have realized that mass phishing emails are now on the radar of many organizations. Instead, they are reeling back their approach and aiming to catch bigger fish with business email compromise (BEC).

BEC is an emerging trend in cyber scams that involves hackers impersonating CEOs, CFOs, and other high-level executives to obtain information related to real estate transactions, company buyers, sellers, agents, and lawyers. They will then use this to wire payments to false accounts from a company's financial department or unsuspecting employees. But how are these tactics working? Let's take a look:

Enter the domain. It's not often that we look for inconsistencies in email addresses, so hackers will use spoofing or typosquatting to mimic the CEO's or executive's email domain as a way of throwing off the receiver.

Being direct. Through social engineering, criminals may gain direct access to an executive's email and then include swift codes or account numbers in requests, in the hopes of a more immediate transaction.

Not available. After an initial request, hackers will craft follow up emails indicating the sender is in a meeting or cannot be disturbed, removing opportunities for further questioning or second approvals.

Malware attack. Fraudsters will often send requests attached with an invoice containing malware. Once opened, this creates a backdoor for further attacks on the company's internal network.

Seems legit. In an attempt to avoid suspicion, hackers will blend their emails in with similar amounts of other financial requests, making the order more reasonable to the recipient.

Outside sources. With many executives working outside of the office, corporate signatures are replaced with text indicating the message was sent from a mobile device.

The Ethos Behind Business Email Compromise

Hackers aren't just playing a technological game when it comes to crafting effective scams; they are playing a psychological one as well. Every employee strives to feel valued and noticed in his or her work, and the presence of a company's CEO or other executive only heightens that emotion. Hackers are in tune with this emotion and are using it to execute business email compromise.

With this psychological tactic, hackers are tapping into the "fear of the boss" mentality that many employees have. No matter where you work in an organization, interaction with the head of your company can be intimidating, and for many, it does not happen often. So when a request comes in from higher up, it's natural you don't want to decline the offer. But, using critical thinking skills can make all the difference.

Employees may also resist questioning these requests for fear of holding up processes or being reprimanded in any way. As the saying goes, measure twice and cut once, even with company security measures. Always be sure.

Hackers are taking full advantage of the "authority bias." Employees place a greater importance on the opinions and urgency of requests by those in positions of power. While these people are responsible for making major decisions for the organization, it's important to take the necessary steps to ensure the request is legitimate. So, when you receive an email from someone in charge, double-check it. The company will be thankful you did.

Good Cyber Hygiene

Since business email compromise (BEC) has become a new trend among cybercriminals, it's important for organizations to build defenses against this growing threat. Here are six ways to prevent BEC:

1. Stay away from free, web-based email accounts and services. Having a company domain keeps all emails in-house and makes it easier to recognize foreign and unauthorized users.
2. Be cautious when posting on social media as this can provide an easy avenue for hackers to seep in and steal company information. Remember to update passwords frequently, and sign out when they are not in use.
3. Maintain a thorough authorization process and keep a look out for suspicious warning signals of financial fraud. If you are unsure, it always helps to check.
4. Avoid using the "reply" button on suspicious email requests. While the "forward" option is less convenient, taking the extra step to type in the recipient's address in your contacts will help you to spot inconsistencies.
5. Don't rely solely on emails for confirmation. If you receive an order that may be a scam, picking up the phone or stopping by the office of an employee to verify the request can stop a BEC scam in its tracks.

We encourage you to share information about cyber scams with employees throughout your organization. This can help keep your business more secure on the cyber front by making employees aware of the types of threats they may encounter and what to do when a potential threat arises.