Money being transferred through business email compromise victims is increasing, as cybersecurity criminals evolve their tactics.
Hundreds of Millions of dollars are lost every year through cybersecurity incidents. The financial toll is high, but so too is the emotional toll. Some businesses will survive, while an increasing number will not be able to whether the financial or reputational damage a compromise can have.
Business Email Compromise (BEC) attacks don’t get the same high profile that other hacks do for one reason. BEC attacks are simple. Instead of having to develop malware or complex payloads, all attackers need to do is send an email. More often than not, by pretending to be a coworker’s email account or using a compromised account within the organisation.
The worst part is, BEC actors are growing up and evolving in to more sophisticated actors with novel techniques that are working. The average amount requested or transferred in 2020 increased from $48,000 in Q3 to $75,000 in Q4.
How to you protect against BEC?
Cyber threat actors use a fairly wide range of technical methods and social-engineering methods to win trust and carry out fraud. However, taking a range of effective measures can minimise the threat from BEC attacks:
- At minimum, every organisation should set up SPF records.
- Use of DKIM signatures and implementation of a DMARC policy to guard against fake internal correspondence.
- Use of these technologies contributes to a kind of collective immunity against many types of malicious operations with e-mail headers.
- Cybersecurity Awareness Training facilitates employees being vigilant and identify BEC attacks that get through other layers of defense.
- Use of perimeter email and web security solutions to reduce the risk of compromise in your organisation
Interested in learning more about Quantex™ Solutions, or making arrangement for your Cybersecurity to be put to the test? Contact us at 1300 468 683 to speak with our IT security professionals.