Protect Your Organization From BEC Attacks
Learn more about Business Email Compromise, how it works and why you’re vulnerable
What is Business Email Compromise?
Business Email Compromise (BEC) is a type of advanced email attack that inherently relies on the use of identity deception and evades detection by avoiding the use of a detectable payload such as a URL or attachment. Commonly, the criminal will pose as a colleague of the intended victim or as a vendor of the organization of the intended victim, and either ask the intended victim to perform a payment or to send sensitive data. There are three different types of identity deception that criminals use to execute a BEC attack: spoofing, display name deception and account take-over.
BEC Research Shows Attack Acceleration
The most recently published statistics estimate the exposed losses of BEC attacks at $5.3 billion* between October 2013 and December 2016, a sharp increase from similar time intervals of previous years. In 2017, BEC scams continued to accelerate.
Based on our research, BEC scams are not discriminating based on industry, company size or security controls in place. While cyber criminals attack organizations of all shapes and sizes, they also have a wide range of sophistication from simple display name attacks using free webmail accounts to sophisticated multi-level and globally distributed cyber criminal organizations using everything from cleverly selected look-alike display names to masquerade their identities, to proxies hiding their actual locations.
How BEC Attacks Work
In a typical BEC attack, an email is sent to the CFO of a company purported from the CEO of the company, asking the CFO to make a financial transfer. It may also be an email appearing to come from a key employee, asking a person in HR for confidential employee tax information.
As soon as the money is wired or the information is sent, the attackers can do what they want – from transferring the money to a different account to filing fictitious tax returns on behalf of these employees.
BEC Threat Taxonomy
All successful BEC attacks feature identity deception.
They masquerade as a key figure within a company to exploit the trust of employees.
How BEC Attacks Evade Your Defenses
As BEC attacks rarely include malicious attachments or high-risk URLs, they are able to bypass email security defenses that look for malicious content. Instead, they use clever social engineering techniques to target organizations and their employees, to make these attacks much more credible — and much more successful.
The Solution – Agari Enterprise Protect
Agari Enterprise Protect is used by leading Fortune 1000 companies to proactively combat business email compromise and protect their enterprises and employees from costly attacks that result in financial damage and compromised employee personal information.
Unlike other solutions that attempt to detect malicious content or use basic authentication mechanisms, Enterprise Protect leverages comprehensive insight into sender identities. By applying expert systems and machine learning to develop and apply trust and authenticity models, it identifies, isolates and stops email attacks that rely on identity deception.
These models are driven by the Agari Email Trust Platform™, the only solution that verifies trusted email identities based on insight into over 2 trillion emails every year.