Among the myriad of threats targeting small and medium-sized businesses (SMBs) today, business email compromise is a particularly growing concern. And for good reason.
Just last year, BEC attacks resulted in $2.7 billion in actual losses. To make matters worse, that’s a 12.5% increase from 2021.
As these threats manipulate their way into inboxes, it’s clear that businesses of all sizes need to be ready. So, let’s dive into the world of business email compromise, explore what BEC is and how it works, and learn practical tips for defending against BEC attacks.
Business email compromise (BEC) is a type of cybercrime where threat actors seek to manipulate or compromise email accounts within an organization to commit fraudulent activities, such as wire fraud, data and credential theft, and phishing scams. BEC attacks work by impersonating high-level executives or trusted vendors through email in order to trick employees or organizations into sending money or sensitive information.
BEC attacks typically follow these steps:
As highlighted in the infographic below, BEC attacks rely heavily on social engineering techniques. As a result, these attacks are difficult to detect or prevent with traditional security tools or spam filtering.
BEC attacks can take many forms, but some common tactics include:
Since BEC attacks are generally human-centric, the methods of protection and prevention must also be human-centric.
Security awareness training can be an effective preventive measure against BEC scams. Conducting regular cybersecurity awareness training can help educate employees about the dangers of BEC attacks and how to recognize them and avoid falling victim to them.
However, prevention alone isn’t going to stop BEC attacks. There are tools and technology that can help bolster your defenses. One example is multi-factor authentication (MFA). MFA adds an extra layer of security to email accounts, making it more challenging for attackers to gain access. Another example is managed detection and response (MDR). MDR solutions proactively monitor for and detect anomalies, including looking for behavioral indicators of BEC, like suspicious inbox rules or login attempts from unusual locations.
While the BEC threat is real, it's not insurmountable. By understanding the tactics of attackers and implementing proactive measures, SMBs can be better prepared to face off against today’s email- and identity-based attacks.
Get insider access to Huntress tradecraft, killer events, and the freshest blog updates.