Cyber security experts’ recommendation on the five ways to mitigate the increasing risk of BEC attacks.
Have you ever received an unusual email from a colleague or senior asking for a wire transfer?
Do you cross-check whether the sender is legitimate when you receive such emails?
Well, you should definitely start verifying whether the person on the other end is legitimate. Instead of developing malware or a complex attack chain, cyber criminals impersonate the people you trust to launch BEC attacks.
In my previous blog, I explained how a cyber criminal group is taking BEC attacks to new heights! These attacks are one of the most common types of cyber threats to the Middle East region today. In fact, the attack vector has resulted in a tremendous loss in finances and reputation in the region.
Business Email Compromise (BEC) attacks are major vectors for malware and ransomware attacks, which is why cyber criminals use them as bait to launch malicious campaigns. They impersonate anyone from the organization, such as colleagues, seniors, or external suppliers, to trick the email recipient.
However, no matter how easy it seems to fall for this attack, it is much easier to prevent BEC attacks! How? Well, you can avoid becoming a victim by following these five basic yet effective preventive measures.
Verify the Sender
Most of the time, malicious emails create a sense of urgency or come from a spoofed email address pretending to be legitimate. For example, the legitimate email should come from firstname.lastname@example.org but instead comes from email@example.com. So, we should be vigilant enough to spot these discrepancies and recognize that we are being targeted.
I know sometimes we can be too busy with our work to check all of this. However, if we want to avoid becoming cyber attack victims, then we will need to. Moreover, it is better to spend a few extra minutes cross-checking the sender than to trust the sender blindly.
The other sign of a BEC attack is the false sense of urgency mentioned above. Most of the time, cyber criminals will create a panic situation so that you do not think twice. Therefore, it is advisable not to wire money or send out any sensitive information before you have cross-checked every detail in the email.
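As an added example (not code from the original post), here is a small Python check that applies the two signs above, a sender domain that merely resembles the organization's real one and urgency wording, to a message; the trusted domain, the phrase list and the sample message are constructed for illustration.

```python
from email.utils import parseaddr

# Domains this organization legitimately sends mail from (constructed value).
TRUSTED_DOMAINS = {"example.org"}
# Phrases that create the artificial urgency BEC emails rely on (constructed list).
URGENCY_PHRASES = ("urgent", "immediately", "right away", "before end of day", "wire")

def sender_domain(from_header):
    """Lowercase domain of the address in a From: header, or '' if it has none."""
    _, addr = parseaddr(from_header)
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""

def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character lookalike labels."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def is_lookalike(domain):
    """True for an untrusted domain whose first label is within one edit of a
    trusted label: example.com or examp1e.org measured against example.org."""
    if not domain or domain in TRUSTED_DOMAINS:
        return False
    label = domain.split(".")[0]
    return any(edit_distance(label, t.split(".")[0]) <= 1 for t in TRUSTED_DOMAINS)

def assess(from_header, subject, body):
    """Return the BEC warning signs found in one message (empty list if none)."""
    flags = []
    domain = sender_domain(from_header)
    if domain not in TRUSTED_DOMAINS:
        flags.append("external sender")
    if is_lookalike(domain):
        flags.append("lookalike domain: " + domain)
    text = (subject + " " + body).lower()
    if any(p in text for p in URGENCY_PHRASES):
        flags.append("urgency language")
    return flags

if __name__ == "__main__":
    # Constructed sample: a spoofed "colleague" asking for a rushed transfer.
    print(assess("Jane Doe <jane.doe@example.com>",
                 "URGENT: wire transfer",
                 "Please process this immediately, I am in a meeting."))
```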
Report Suspicious Emails
One simple but effective way to stop email-based attacks, including BEC attacks, from spreading is to report the matter immediately. If you do not report the matter to the responsible team, someone else in your organization might fall for it.
For that reason, whenever you stumble upon a fraudulent or suspicious email, report it to the IT support team. Even if the team cannot resolve the issue, they can often spot patterns and gain more insight from multiple reports.
Organizations can also implement tools like TAB. The tool allows employees to report malicious emails and helps remove any reported fraudulent emails directly from inboxes. It also helps employees identify malicious emails, since it provides a threat score for each email.
Educate the Employees
No matter what software or endpoint protection an organization has implemented, it all comes down to how well-prepared the employees are. Consequently, the most important and effective way to stop BEC attacks is to train employees properly.
Providing employees with adequate cyber security awareness training helps them stay alert to cyber threats. It also helps them recognize cyber attack vectors and learn how to counter them.
A cyber security training program includes:
- Simulated cyber attack campaigns to give employees real-time experience of a cyber attack and help them understand effective ways to counter it
- Security awareness programs to make employees realize how each attack vector differs
- Awareness content such as videos, quizzes, and newsletters to help employees spot spam content and understand their responsibilities in protecting the organization
- Tips on applying best practices to avoid being taken in by a business email compromise fraud
Enable MFA for Business Email Accounts
Multi-factor authentication (MFA) helps keep your email account safe in case of unauthorized attempts to access it. Adding an additional layer of security with MFA forces anyone logging in, cyber criminals included, to pass a second verification step for your email account. This reduces the chances of your email account being compromised.
Two types of MFA you and your employees can implement to secure email accounts:
- SMS token authentication: This check consists of a one-time password (OTP) sent by text message to the phone number registered for authentication. Whenever someone tries to log in to your account, they will need to enter the OTP to confirm they are the legitimate account owner. The same applies to logins from a new device.
- Email token authentication: This check is identical to SMS token verification, except that the OTP is received via email. Since not every employee has their phone at hand while working, this option can be a good choice. It also gives the flexibility to log in from any device or system that can receive the OTP.
Secure Your Email Domain
Securing your email domain stops malicious actors from forging your email domain. Cyber criminals impersonate brands to manipulate employees, customers, and partners with little effort.
However, if an organization implements tools like KDMARC that monitor SPF, DKIM, and DMARC, the email domain can be protected against forgery. With the help of KDMARC you can check whether any email sources are trying to use your domain. Beyond that, you can identify whether these sources are sending spoofed emails using your domain. This makes it easier to identify and authorize the genuine sources and keep an eye on any threats.
KDMARC also allows you to set up authentication policies. Setting up policies blocks emails that fail authentication from reaching the recipient's inbox. Consequently, only your legitimate email ends up in the recipient's inbox, which increases your email deliverability rate as well. Hence, KDMARC not only protects your email domain but also boosts your email engagement rate.
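The policy side of this can be made concrete with the DNS records themselves. As an added example, not KDMARC's code, the following Python assesses constructed SPF and DMARC TXT records and reports the weak settings (~all, p=none) that leave forged mail deliverable; it assumes the SPF record ends with an all mechanism and does not cover DKIM, which is verified per message rather than from a static record.

```python
# Constructed TXT records for a weak and a hardened version of the same domain.
WEAK_SPF = "v=spf1 include:_spf.example.org ~all"
WEAK_DMARC = "v=DMARC1; p=none; rua=mailto:dmarc@example.org"
STRONG_SPF = "v=spf1 include:_spf.example.org -all"
STRONG_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc@example.org; adkim=s; aspf=s"

def parse_dmarc(record):
    """Split 'v=DMARC1; p=reject; ...' into a {tag: value} dictionary."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def assess_spf(record):
    """Findings about how strictly an SPF record treats unauthorised senders.
    Assumes the record ends with an 'all' mechanism (no redirect= modifier)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["not an SPF record: receivers cannot tell which hosts may send"]
    final = terms[-1].lower()
    if final in ("+all", "all"):
        return ["+all: every sender passes, the record offers no protection"]
    if final == "~all":
        return ["~all: softfail only; forged mail is flagged but still accepted"]
    if final != "-all":
        return ["no terminal 'all': unmatched senders get a neutral result"]
    return []

def assess_dmarc(record):
    """Findings about whether a DMARC record actually enforces a policy."""
    tags = parse_dmarc(record)
    if tags.get("v", "").upper() != "DMARC1":
        return ["not a DMARC record: receivers apply no policy to failing mail"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("p=none: monitoring only, failing mail is still delivered")
    elif policy == "quarantine":
        findings.append("p=quarantine: failing mail goes to spam rather than being rejected")
    elif policy != "reject":
        findings.append("missing or invalid p= tag")
    if "rua" not in tags:
        findings.append("no rua= address: no aggregate reports to see who uses the domain")
    return findings

if __name__ == "__main__":
    for name, spf, dmarc in (("weak", WEAK_SPF, WEAK_DMARC), ("strong", STRONG_SPF, STRONG_DMARC)):
        print(name, assess_spf(spf) + assess_dmarc(dmarc))
```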
Just My Thoughts
BEC attacks are among the most harmful email-based attacks, with potentially severe consequences. However, we can avoid these attacks by implementing the right tools and security protocols.
If organizations do not take the proper steps now, cyber criminals might use your name or brand to manipulate someone who trusts your service, which is worse than being the victim yourself. So, why not implement these security measures and protect yourself and your trusted customers from falling into the trap?