Combatting Business Email Compromise in 2023

Business email compromise in 2023 – potentially one of the biggest threats to your business this year.

Business email compromise (BEC) is a social engineering technique used to manipulate unsuspecting people into transferring money or sensitive information through fraudulent emails that appear to be from legitimate sources.

As we move into 2023, it’s crucial for your business to be aware of the evolving tactics of BEC attackers.

You need to implement strategies to protect against this type of cybercrime straight away.

Don’t become a victim of business email compromise in 2023!

Business Email Compromise In 2023

Business email compromise in 2023 is looking to rise.

Since 2016 there has been a continuous increase in the number of BEC attacks. We can even see this from last year when there was a staggering 72% rise in the number of business email compromise. 

What’s also likely to increase with business email compromise in 2023 is how many attacks bypass older security measures.

Armorblocks report states that in 2022, 56% of attacks bypassed older security measures. This is only likely to increase in 2023.

All these problems with business email compromise in 2023 are likely to rise.

So, what are you doing to protect yourself?

Scammers can only get smarter than your outdated systems.

Examples of Business Email Compromise in 2023

BEC attacks in 2023 are only going to get worse.

With the stronghold that AI tools such as ChatGPT has on the world, it is expected that BEC emails will get harder to notice.

Using tactics that playoff real-time world events, criminals have managed to stay ahead of the good guys with increased sophistication and swiftness. Using ChatGPT, it might even become easier and quicker to scam with BEC emails. 

Here are some examples of how criminals have previously used BEC:

    • Healthcare providers were fooled by criminals posing as trusted vendors as healthcare providers scurried to get much-needed personal protection equipment.
    • A large social media firm handed over personal payroll information about employees to an individual they thought was their CEO.
    • A non-profit organisation was fooled into transferring a large loan to a business partner right into the hands of the threat actor.

As you can see, there are many examples of how BEC can be used – especially in relation to real-world events.

You’ll also likely see these examples in 2023.

What You Can Do

To protect yourself and your business from these types of attacks, employee education is essential.

For example, if someone in your accounts payable department receives an email from a business partner requesting you alter established wire transfer information, be sure your staff are trained.

Your staff need to know how to recognize the request as a red flag and confirm directly with their point of contact details of the change.

It seems second nature, but when people are busy and working against deadlines, it’s easy to miss a well-disguised ruse.

And that’s how they get you.

From a defence in-depth perspective, it’s also essential to ensure you have a layer of threat detection in place to help identify malicious behaviour, alert of the threat, and inform the correct response and remediation measures.

This would include:

Monitoring for suspicious behaviour – both on-premises and in the cloud

Your traditional perimeter security tools (e.g. Firewalls) aren’t enough anymore to keep your business safe.

BEC emails are designed to look like normal user activity to infiltrate your business. It doesn’t matter if your data is on-site or in the cloud.

You need to monitor all your endpoints to ensure that nothing sneaks through to your staff.

The easiest way for you to monitor your endpoints in 2023 is to utilise Endpoint Detection and Response (EDR) platforms.

Remember: If a threat actor slips past perimeter defence and acquires user credentials, it will be difficult to identify threats that appear as typical activity. Meaning, anybody can pretend to be a member of your staff. 

Planning for the worst case

When something nefarious goes down, you need to know immediately.

You don’t have time to lose. 

If an alert goes off at 1 a.m., the time lost until someone sees it and makes sense of it could be the difference between your business staying afloat – and sinking.

However, it is not feasible for every business to have staff monitor their systems 24/7. Especially if you’re an SME.

So, Managed threat detection and response is a great alternative if you are unable to monitor your environment 24/7 with IT Security staff. 

Overall

There a few layers of cybersecurity you need take care of in 2023 when it comes to your business email compromise.

If you don’t have the correct protections, anybody can pretend to be you or your employees and ruin your business – or somebody else’s.

However, there are a few more tips you can use to protect yourself from business email compromise in 2023.

Tips for Business Email Compromise in 2023

While there are many aspects to improving your defence in-depth, the following from the FBI act as good and effective tips to share with employees to help elevate everyone’s awareness of how to avoid business email compromise attacks.

    • Be sceptical: last-minute changes in wiring instructions or recipient account information must be verified. Do not verify by email.
    • Don’t click it: verify any changes and information via the contact on file. Do not contact the vendor through the number provided in the email. Use the phone number already on file.
    • Double-check that URL: ensure the URL in the email is associated with the business it claims to be from.
    • Spelling counts: be alert to misspelt hyperlinks in the actual domain name.
      • E.g. emails from ‘support@facebook.com’ vs ‘support@faceebook.com’.
    • It’s a match: verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender’s email address appears to match who it’s coming from.
      • E.g. if you get an email from Facebook, what is the email address it comes from? Is it ‘support@facebook.com’ or ‘shjsdhjvn12@gmail.com’.
    • Pay attention: often there are clues with business email compromise, e.g.
      • An employee who does not normally interact with the CEO receives an urgent request from them.
      • Data shows an employee is in one location at one time, but halfway around the globe 10 minutes later.
      • Active activity from an employee who is supposed to be on leave.
    • If you see something, say something: if something looks awry, report it to your managed service provider or IT security supervisor.
    • If you have been a victim of BEC, file a detailed complaint to the National Cyber Security Centre.

To learn more about business email compromise threats and defence against them, contact Jera today.

Get guidance, education, and technology to strengthen your security posture with Jera. Give us a call and let’s discuss.

Article used with permission from the ConnectWise Partner Program