Article Read Time
Business Email Compromise (BEC)…sounds like something you might learn about in business school, sounds boring. However, it is one of the primary sources of online fraud, even topping ransomware.
BEC doesn’t have the ominous ring of “ransomware.” Nor does it confront you with a skull and crossbones on your screen, warning you that your files are encrypted, your computer is locked, and you must pay thousands of dollars in ransom to regain your data. BEC is much more…well, sophisticated.
In a Business Email Compromise, the perpetrator will email a well-researched target (victim). The email will appear from a senior manager, directing the recipient to wire a significant transaction to an account. Additionally, the sender will include a sense of urgency. For example, “We need to send $500,000 to account number #123456 at “Banks R Us” in the Cayman Islands immediately, or we will lose our biggest account! By the way, I’m boarding a flight and will not be reachable for a couple of hours. I need this transaction done by the time I land in Palm Springs.” Or something along those lines.
The scammer relies on the recipient’s desire to please their boss and the urgency of the request. Over time, these requests look more legitimate as scammers spoof emails so they appear to come from the boss or another legitimate entity.
Additionally, the scheme might be less urgent and look like it’s coming from a vendor instructing the accountant at your firm to redirect payment for this month to a “new account.”
This crime cannot always be stopped by technical means. If the criminal controls the sender’s email, the message will appear to come from that manager or vendor.
Prevent Business Email Compromise (BEC)
The protection against these types of scams includes training and procedures.
Any deviation from the regular business should require the recipient to have authorization via another communication or from a second entity. A phone call or walking over to the office to confirm, and looking for clues in the sender’s email. If the language seems ‘off’ or the email address doesn’t look right. Maybe the amount is more than you’ve ever sent before.
The FBI warns that, especially during the pandemic, BEC scams have increased. While ransomware continues to grab headlines, BEC remains the most significant cause of financial damage.
Do you prioritize your organization’s safety and security? Allow Commonwealth Sentinel to be your partner in risk reduction and ensuring the well-being of all. Our comprehensive services range from software and hardware solutions to training and policy implementation. Contact us at (502) 234-5554 to learn how we can help you achieve peace of mind.
At Commonwealth Sentinel, we stay focused on cyber security so you can focus on other things.