The holiday season is upon us, which means it’s also the busiest time of the year for online shopping. There’s Black Friday, Cyber Monday, and gifts to buy for loved ones. Plus, gifts to buy for yourself when the deals are this good! But beware, for cybercriminals ‘tis also the season to scam millions of dollars from unsuspecting people and companies. They’re banking on people being in a rush and distracted during this hectic season, and therefore more likely to fall victim to a scam, which allows them to cash in. Sounds a lot like the Grinch, doesn’t it?
How can you prevent business email attacks? Is training enough? We'll walk you through solutions and tips to protect your enterprise email from these attacks.
Why is business email compromise such a problem?
Business email compromise (BEC) attacks are sophisticated scams that target specific individuals with believable emails asking for funds to be transferred. These attacks can cost a company thousands, if not millions, of dollars a year.
“Whaling” phishing fraud attacks target the C-suite of a company which creates high risk of extremely sensitive, mission-critical data being stolen and exposed. Fortunately, protecting the organization from these attacks is possible.
Whaling phishing is a type of phishing attack targeting larger, high-value targets, which is why it's called "Whaling." Attackers themselves often pretend to be C-suite executives in emails to colleagues asking for personal or company information.
If you’ve ever received a fake email from one of your “executives” asking for a quick request, you’re not alone. In fact, new research from the Agari Cyber Intelligence Division shows that individual impersonation attempts now comprise nearly a quarter of all BEC attacks. This is an increase from the last quarter, when this type of scam made up only 12% of all attacks.
Time is running out to join industry thought leaders as a featured speaker at Trust 2020, The Next Generation Email Security Conference, on April 15-17 in Los Angeles. The deadline to submit topics for consideration is October 31, 2019.
Trust 2020 is an exclusive, two-day customer event where senior security leaders from a wide range of industries converge to share thought-provoking ideas and actionable insights on defending against rapidly evolving email-based threats to their organizations.
Imagine going to the doctor and only being able to say “pain” or “sick”. You can’t say where you feel the pain, or what type of pain, or what is making you sick. Without this information, it is nearly impossible for the doctor to know how to treat you. From a cybersecurity perspective, this is very much like calling every email attack a “phishing attack" or even a “hack”. It limits the ability to identify proper countermeasures, and it frustrates meaningful comparison between potential approaches.
If you want to know why business email compromise (BEC) and other advanced email attacks keep working so well, just ask Dilbert.
In one particularly biting installment of Scott Adams' popular workplace comic strip, our tech geek hero sits in his cubicle perusing an email that reads, "Enter your bank account number." Dilbert's thought bubble reads "Scam."