Inbound Shield™

Keep your organization safe from targeted threats with powerful multi-layered scanning technology. Deeply analyze, detect, and classify the most advanced Phishing, Malicious, SPAM and even Gray emails.

Try Trustifi
Deployed In Minutes Easily With outlook Outlook/O365 Add-in or Relay Google Workspace Add-in or Relay Any Email Server Relay

Inbound Shield™

Keep your organization safe from targeted threats with powerful multi-layered scanning technology. Deeply analyze, detect, and classify the most advanced Phishing, Malicious, SPAM and even Gray emails.

Try Trustifi
Deployed In Minutes Easily With outlook Outlook/O365 Add-in or Relay Google Workspace Add-in or Relay Any Email Server Relay

Business Email Compromise

Business Email Compromise is an email scam that tricks victims into giving away information and credentials that allow a hacker to breach your company’s system. Learn how to recognize and protect yourself from BEC.

 

What is Business Email Compromise?


A business email compromise (BEC) attack is a digital crime where the hacker targets your business for scamming. Also known as email account compromise (EAC) or a Man-in-the-Middle attack, BEC is one of the most financially devastating forms of online fraud. It takes advantage of people’s reliance on email to conduct business. A cybercriminal designs an email account very similar to the one of an executive within the company. They use this bogus account to fool employees into giving up their system credentials, which the hacker then uses to break into the network and steal data.

Throughout the world, business email compromise is growing. It has become a pervasive problem that targets enterprises of all sizes, across all industries. Businesses have lost billions of dollars as a result of BEC attacks. BEC attacks most often target executives who handle their company’s finances with the goal of duping them into routing wire transfers into bank accounts that the victim believes to be legitimate, yet all the money goes to the criminal, that is, the “man in the middle.”

 

How Does a BEC Attack Work?


As with other targeted scams, a business email compromise attack begins with research. The cybercriminal first chooses a company to attack. Then, they look for useful information on the company’s website or LinkedIn page. From this publicly available information, the hacker compiles a list of the company’s employees with their respective designation.

The attacker learns the pattern of the employees’ email addresses and then selects a target to carry out the scam. They forge the email address of an employee at the executive level. The thief might masquerade as the CEO, CFO, or some other person on the C-level. The cybercriminal requests in the message that certain activities be performed, such as conducting transactions, updating bank details for future payments, or altering payroll information.

Unlike other cyber threats, business email compromise scams do not include malicious email attachments or links that can be detected automatically by a cyber threat defense. Instead, it uses an impersonation technique or other social engineering methods to get the victim to divulge the information that can be used against the business.

 

What Does Business Email Compromise Look Like?


BEC is a socially engineered scam. A BEC attack disguises itself as a trusted entity. The victim gets an email from a seemingly trustworthy source. The source appears to be either a colleague, a senior executive, a vendor, or the company’s owner. The hacker may simply concoct a fake email similar to one the impersonated person might send. If they are lucky (or sufficiently devious), the hacker may be able to intercept an actual email from a company executive to use as a template. Obviously, the latter approach is more dangerous, since there are fewer loose ends or telltale signs identifying a malicious sender.

To breach a target, a hacker sends an email pretending to be from a familiar source and makes a legitimate request. Here are few examples.



An impersonated supplier sends a message explaining that they have an updated email address and request payment for an invoice.
A bogus title company sends an email to a home buyer explaining how to send the down payment.
A phony CEO sends a message to the company’s finance department and asks them to make a wire payment to the provided bank account.

The above examples are real scenarios that have happened to real victims. All these emails were frauds, and each case cost the victim hundreds or even thousands of dollars.

Signs of a Business Email Compromise Attack


While BEC attacks will differ depending on the intended victim and the hacker’s preferred technique, a few elements are common to most of the attack vehicles, and you should be on the lookout for them when dealing with emails.

Suspicious Emails from High-Level Management

Using C-level executives’ email addresses as a means of interacting with the target gives the attacker an edge in gaining psychological control over the victim. It is crucial that you take heed if the senior executive makes an urgent request or orders you to do something outside your normal business process, especially if this is about the company’s money or confidential information.

Unfamiliar Tone of Voice

Recognizing an odd tone, form of speech, or syntax is a common way to detect a suspicious email. For instance, if a supposed coworker addresses you as “Dear Sir” in an email, and that form of address is not the norm, the email is probably a fraud. As another example, if the message is full of typos and the alleged sender normally sends perfectly typed emails, chances are you are dealing with a hacker on the other end.

Request to Ignore the Company’s Standard Procedures

When it comes to handling the company’s large financial transactions, companies often implement a strict security procedure. Employees should be on the lookout for requests to ignore the standard procedures of making a transaction, regardless of who supposedly makes the request.

 

How to Stay Protected Against BEC Attack?


While no guarantee exists that your employees will not be victimized by BEC attacks, you can take measures to reduce the risk.

Two-Factor Authentication

Two-factor authentication is a terrific way to secure your employees’ accounts. It increases protection against hackers by requiring a user to authenticate themselves with something in addition to a password. Often, TFA involves the user’s cell phone. After the user enters their account password, the system sends a one-time passcode to the registered cell phone number. Even if the hacker has stolen a C-level executive’s password, they cannot break into the system unless they are also in possession of the executive’s phone.

Regularly Monitor Your Security

Your security team should always keep an eye on your IT network and look out for any potential vulnerabilities. Keep checking on your employees, too, and regularly tell them to take precautionary measures while interacting with the company’s email.

Conduct Realistic Attack Simulations

Simulating a BEC attack is an excellent way to see how your workers will react to a real attack. A simulated attack also gives you an idea of where your security system is weak and which employees need more training.

 

How Does Trustifi’s Inbound Shield Protect You from a BEC Attack?

 

Trustifi provides advanced protection against cyber threats to an organization’s email system. Trustifi features the Inbound Shield that acts as an email filter. As soon as Trustifi’s Inbound Shield is deployed to your company’s email system, sophisticated AI software begins scanning every email received by your server. Each incoming email is placed in a sandbox where Inbound Shield’s multi-layered detection scans everything about the email including sender, email subject, content, links, and attachments. To be deemed safe, an email must pass all tests at each layer.

The email is scanned in 3 parts and has a unique and advanced approach for each part.

 

Email Content and Headers

AI detects and classifies BEC, VEC, Spam, and GRAY.
Header analysis detects spoofing and impersonation techniques.

Links – Advanced Methods to Catch the Most Sophisticated Phishing Sites

Deep analysis based on content, meta data, and domain reputation.
Proprietary method to catch zero-day phishing sites.

Files – Deep Scanning

Detects and neutralizes links inside files.
Searches zipped and archived files.
Sand boxes all messages until they are determined safe.
Seeks out Trojans, viruses, and malware.

Learn how you can protect yourself and your company with Trustifi’s Inbound Shield. Contact a Trustifi representative today to view a demo and see how simply and affordably Inbound Shield can safeguard your systems.