Protect Your Organization From BEC Attacks
Learn more about Business Email Compromise, how it works and why you’re vulnerable
What is Business Email Compromise?
Business Email Compromise (BEC) is a type of advanced email attack that inherently relies on the use of identity deception and evades detection by avoiding the use of a detectable payload such as a URL or attachment. Commonly, the criminal will pose as a colleague of the intended victim or as a vendor of the organization of the intended victim, and either ask the intended victim to perform a payment or to send sensitive data. There are three different types of identity deception that criminals use to execute a BEC attack: spoofing, display name deception and account take-over.
BEC Research Shows Attack Acceleration
The most recently published statistics estimate the exposed losses of BEC attacks at $5.3 billion* between October 2013 and December 2016, a sharp increase from similar time intervals of previous years. In 2017, BEC scams continued to accelerate.
Based on our research, BEC scams are not discriminating based on industry, company size or security controls in place. While cyber criminals attack organizations of all shapes and sizes, they also have a wide range of sophistication from simple display name attacks using free webmail accounts to sophisticated multi-level and globally distributed cyber criminal organizations using everything from cleverly selected look-alike display names to masquerade their identities, to proxies hiding their actual locations.
How BEC Attacks Work
In a typical BEC attack, an email is sent to the CFO of a company purported from the CEO of the company, asking the CFO to make a financial transfer. It may also be an email appearing to come from a key employee, asking a person in HR for confidential employee tax information.
As soon as the money is wired or the information is sent, the attackers can do what they want – from transferring the money to a different account to filing fictitious tax returns on behalf of these employees.
BEC Threat Taxonomy
All successful BEC attacks feature identity deception.
They masquerade as a key figure within a company to exploit the trust of employees.
How BEC Attacks Evade Your Defenses
As BEC attacks rarely include malicious attachments or high-risk URLs, they are able to bypass email security defenses that look for malicious content. Instead, they use clever social engineering techniques to target organizations and their employees, to make these attacks much more credible — and much more successful.
The Solution – Agari Enterprise Protect
Agari Enterprise Protect is used by leading Fortune 1000 companies to proactively combat Business Email Compromise and protect employees from costly attacks that result in financial loss or a data breach.
Agari Enterprise Protect leverages Agari Identity IntelligenceTM, an advanced artificial intelligence and machine learning system that drives over 300 million daily model updates from data telemetry of more than two trillion emails per year. The system models email senders’ and recipients’ identity characteristics, behavioral norms, and personal, organizational, and industry-level relationships to maintain a real-time understanding of email behavioral patterns.
Agari Enterprise Protect is the next generation of Advanced Threat Protection for email, designed to detect the attacks of today and the ones we expect to see in the future.