• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Kentucky Cyber Security

MENUMENU
  • Home
  • About
    • About: Sheri Donahue
    • About: Leo Haggerty
    • Career Opportunities
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us
You are here: Home / Blog / Business Email Compromise BEC…The Silent Killer

Terry Davis / September 14, 2023

Business Email Compromise BEC…The Silent Killer

Business Email Compromise BEC

Business Email Compromise (BEC)…sounds like something you might learn about in business school. Sounds almost boring. However, in reality, it is one of the main sources of online fraud, even topping ransomware.

BEC doesn’t have that ominous ring to it like “ransomware.” Nor does it confront you with a skull and crossbones on your screen warning you that your files are encrypted, your computer is locked, and you must pay thousands of dollars in ransom to regain your data. BEC is much more…well, sophisticated.

In a Business Email Compromise, the perpetrator will send an email to a well-researched target (victim). The email will appear to come from a senior manager and will direct the recipient to wire a significant transaction to an account. Additionally, the sender will include a sense of urgency. For example, “We need to send $500,000 to account number #123456 at “Banks R Us” in the Cayman Islands immediately or we will lose our biggest account! By the way, I’m boarding a flight and will not be reachable for a couple of hours. I need this transaction done by the time I land in Palm Springs.” Or something along those lines.
The scammer is relying on the recipient wanting to please their boss as well as the urgency of the request. As time goes on, these requests look more legitimate as scammers are able to spoof emails in order to truly appear to come from the boss or other legitimate entity.

Additionally, the scheme might be less urgent and simply look like it’s coming from a vendor instructing the accountant at your firm to redirect payment for this month to a “new account.”
This is a crime that cannot always be stopped by technical means. If the criminal has gotten control of the sender’s email, the message will appear to come from that manager or vendor.

Prevent Business Email Compromise (BEC)

The protection against these types of scams includes training and procedures.

Any deviation from the normal business should require that the recipient have authorization via other communication or from a second entity. A phone call or walking over to the office to confirm. Looking for clues in the sender’s email. If the language seems ‘off’ or the email address doesn’t look right. Maybe the amount is more than you’ve ever sent before.

The FBI warns that, especially during the pandemic, there has been an increase in the number of BEC scams. While ransomware continues to grab the headlines, BEC continues to cause the greatest financial damage.

Do you prioritize the safety and security of your organization? Allow Commonwealth Sentinel to be your partner in risk reduction and ensuring the well-being of all. Our comprehensive services range from software and hardware solutions to training and policy implementation. Contact us at (502) 320-9885 to learn more about how we can help you achieve peace of mind.

Filed Under: Blog

Footer

CONTACT US

Address:
Commonwealth Sentinel Cyber Security
1230 Us Highway 127 S Suite 5 Frankfort KY 40601
Phone:
(502) 320-9885

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT