SNEAK PEEK INTO BUSINESS EMAIL COMPROMISE ATTACKS


EAST AFRICAN DATA HANDLERS: Cyber Security Awareness

Business email compromise (BEC) is a type of email cybercrime scam in which an attacker targets a business to defraud the company. Business email compromise is a large and growing problem that targets organizations of all sizes across every industry around the world. It exploits the fact that so many of us rely on email to conduct business—both personal and professional. In a BEC scam, criminals send an email message that appears to come from a known source making a legitimate request.

Types of BEC

  1. CEO Fraud: Here the attackers position themselves as the CEO or executive of a company and typically email an individual within the finance department, requesting funds to be transferred to an account controlled by the attacker.
  2. Account Compromise: An employee’s email account is hacked and is used to request payments to vendors. Payments are then sent to fraudulent bank accounts owned by the attacker.
  3. False Invoice Scheme: Attackers commonly target foreign suppliers through this tactic. The scammer poses as the supplier and requests fund transfers to fraudulent accounts.
  4. Attorney Impersonation: This is when an attacker impersonates a lawyer or legal representative. Lower-level employees, who may not have the knowledge to question the validity of the request, are commonly targeted in these attacks.
  5. Data Theft: These types of attacks typically target HR employees in an attempt to obtain personal or sensitive information about individuals within the company such as CEOs and executives. This data can then be leveraged for future attacks such as CEO Fraud.

How Criminals Carry Out BEC Scams

A scammer might:

  • Spoof an email account or website. Slight variations on legitimate addresses (john.kelly@examplecompany.com vs. john.kelley@examplecompany.com) fool victims into thinking fake accounts are authentic.
  • Send spear phishing emails. These messages look like they’re from a trusted sender to trick victims into revealing confidential information. That information lets criminals access company accounts, calendars, and data that give them the details they need to carry out BEC schemes.
  • Use malware. Malicious software can infiltrate company networks and gain access to legitimate email threads about billing and invoices.

How to Protect Yourself against BEC

  1. Be careful with what information you share online or on social media. By openly sharing things like pet names, schools you attended, links to family members, and your birthday, you can give a scammer all the information they need to guess your password or answer your security questions.
  2. Don’t click on anything in an unsolicited email or text message asking you to update or verify account information. Look up the company’s phone number on your own and call the company to ask if the request is legitimate.
  3. Carefully examine the email address, URL, and spelling used in any correspondence. Scammers use slight differences to trick your eye and gain your trust.
  4. Be careful what you download. Never open an email attachment from someone you don’t know, and be wary of email attachments forwarded to you.
  5. Set up two-factor (or multi-factor) authentication on any account that allows it, and never disable it.
  6. Verify payment and purchase requests in person if possible or by calling the person to make sure it is legitimate. You should verify any change in account number or payment procedures with the person making the request.
  7. Be especially wary if the requestor is pressing you to act quickly.
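
The address check from step 3, and the look-alike spoofing described under "How Criminals Carry Out BEC Scams", can be partly automated. The following is an added example, not code from the original article: it compares a sender against a list of known contacts and flags near matches. The contact list, the character substitution table, and the distance threshold of 2 are assumptions chosen for illustration.

```python
"""Flag sender addresses that nearly match a known contact (added example)."""

# Assumption: a tiny table of common visual substitutions; real lists are longer.
_DIGIT_FOLD = str.maketrans("01", "ol")


def fold(addr: str) -> str:
    """Collapse look-alike characters so 'examp1e' and 'example' compare equal."""
    return addr.translate(_DIGIT_FOLD).replace("rn", "m")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using a single rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(sender, known_contacts, max_distance=2):
    """Return (verdict, closest_contact, distance).

    verdict is 'known' for an exact match, 'lookalike' when the address is
    within max_distance edits of a contact after folding, else 'unknown'.
    """
    sender = sender.strip().lower()
    contacts = [c.strip().lower() for c in known_contacts]
    if sender in contacts:
        return ("known", sender, 0)
    scored = [(edit_distance(fold(sender), fold(c)), c) for c in contacts]
    if scored:
        distance, closest = min(scored)
        if distance <= max_distance:
            return ("lookalike", closest, distance)
    return ("unknown", None, None)


# Constructed sample data: the address pair from the article plus invented ones.
CONTACTS = ["john.kelly@examplecompany.com", "accounts@supplier.example"]

if __name__ == "__main__":
    for addr in ["john.kelly@examplecompany.com", "john.kelley@examplecompany.com",
                 "John.Kelly@examp1ecompany.com", "newsletter@unrelated.example"]:
        print(addr, "->", check_sender(addr, CONTACTS))
```

A "lookalike" verdict is a prompt to verify the request by phone or in person as in step 6, not proof of fraud; two genuinely different short addresses can also fall within the threshold.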

Because BEC cybercriminals usually target larger corporations, which can potentially lead to bigger pay-outs, the likely reason for the lower proportion of BEC attempts in Africa is the relatively smaller concentration of large businesses and corporations there.

However, there are several offshore companies based in Africa, and the COVID-19 pandemic contributed to the increase in this type of cybercrime. Their employees rely heavily on wire transfer transactions, opening up more opportunities for cybercriminals to exploit. Within Africa, BEC was mainly detected in countries like South Africa, Tunisia, Morocco, Mauritius, Nigeria and Kenya.
