
More About BEC Campaigns and How You Can Stop Them?

In this insight, we look at what BEC campaigns are, their characteristics, and what businesses can do to protect themselves from the threat of BEC campaigns. 

What Is A BEC Campaign?

A business email compromise (BEC) campaign is a text-based, impersonation-driven social engineering scam in which, in most cases, the victim receives an email that appears to come from their boss. The email gains legitimacy by appearing to be part of an existing thread with a partner company, a customer, or an organisation in the supply chain, so that the target will recognise it. The email instructs the victim, e.g. someone in the business's finance department, to transfer funds (wire transfer / BACS payment) into an account that actually belongs to the scammers.

Types

In the US, for example, the FBI has defined five main types of BEC campaigns, which are: 

– CEO Fraud: The attackers impersonate the CEO or an executive at the company and target an individual in the finance department. 

– Account Compromise: This is where an employee’s email account is hacked/compromised and used to request payments. 

– False Invoice Scheme: Mostly targeting foreign suppliers, this method sees the scammer impersonating a supplier to request fund transfers to fraudulent accounts. 

– Attorney (Lawyer) Impersonation: As the name suggests, the attacker impersonates a lawyer or legal representative, targeting, for example, lower-level employees because they may be less likely to question the validity of the request.

– Data Theft: Targeting HR employees, the motive is to obtain personal or sensitive information about company personnel, e.g. CEOs and executives, that can be used as part of future attacks (such as CEO Fraud). 

Sometimes Uses Domain Spoofing

BEC campaigns also sometimes use domain spoofing and lookalike domains to trick the targeted employees. 

EAC Often Related To BEC

It is often the case that email account compromise (EAC) enables the BEC, i.e. gaining control of a legitimate company email account makes it possible to launch convincing BEC campaigns. 

Difficult To Detect

One reason why BEC campaigns are so challenging to detect, e.g. using antivirus, is that they often don’t contain red flags such as malicious links or attachments.

How To Guard Against BEC Campaigns

Some ways that businesses can defend themselves against the threat of BEC campaigns include: 

– Briefing and training staff about the nature of the threat and the different types of well-known BEC campaigns. For example, staff should be informed of the indicators of a possible BEC campaign, e.g. high-level company executives asking for unusual information, being asked not to communicate with others about requests, any requests that would bypass the usual channels, spelling and grammar inaccuracies in the emails, and email domains and “Reply-To” addresses that don’t match the sender’s address.

– Ensuring that company email security is robust and that staff are aware of how to avoid risky behaviour with emails, e.g. clicking on unusual links, downloading attachments, or password sharing.

– Encouraging employees to trust their instincts and, if they have the slightest doubt, let them know that it’s OK to seek help and advice. Attackers often rely upon targeting victims at busy times of the day, and making requests sound very urgent, so employees need to know that stopping to check and slowing things down is a good idea. 

– Having a clear, blanket procedure in place under which such requests are verified by designated managers who are well-informed about this type of fraud and have the confidence and authority to check and challenge them.

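As an added illustration of the indicators listed above (example code written for this page, not something the post or its author provides), the following Python checker parses a raw email and reports a “Reply-To” domain that does not match the sender, a sender domain one character off a trusted domain (the lookalike-domain trick mentioned earlier), and urgency or secrecy wording. The trusted-domain set, the phrase list and the sample message are assumptions constructed for the demo.

```python
import email
from email import policy
from email.utils import parseaddr

TRUSTED_DOMAINS = {"example.com"}  # domains the organisation really sends from (assumed)
URGENCY_PHRASES = ("urgent", "immediately", "do not discuss", "confidential", "wire transfer")

# Constructed sample message for the demo, not real mail; the lookalike domain swaps l for 1.
SAMPLE_BEC = """\
From: "Jane Boss" <jane.boss@examp1e.com>
Reply-To: jane.boss@mail-relay.invalid
To: finance@example.com
Subject: Urgent wire transfer

Please arrange an urgent wire transfer today and keep this confidential.
"""

def domain_of(address):
    """Lower-cased domain of an address header; '' when the header is absent."""
    return parseaddr(str(address or ""))[1].rpartition("@")[2].lower()

def within_one_edit(a, b):
    """True when a and b differ by exactly one substitution, insertion or deletion."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    i = j = edits = 0
    while i < len(a) and j < len(b):
        if a[i] != b[j]:
            edits += 1
            if len(a) > len(b):
                j -= 1  # a has the extra character: hold j in place
            elif len(a) < len(b):
                i -= 1  # b has the extra character: hold i in place
        i, j = i + 1, j + 1
    return edits + (len(a) - i) + (len(b) - j) == 1

def bec_indicators(raw_message):
    """Names of the BEC red flags present in one raw RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []
    from_domain = domain_of(msg.get("From"))
    reply_domain = domain_of(msg.get("Reply-To"))
    if reply_domain and reply_domain != from_domain:
        findings.append("reply-to-mismatch")  # "Reply-To" does not match the sender
    if any(within_one_edit(from_domain, t) for t in TRUSTED_DOMAINS):
        findings.append("lookalike-domain")  # one character off a trusted domain
    body = msg.get_body(preferencelist=("plain",))
    if body and any(p in body.get_content().lower() for p in URGENCY_PHRASES):
        findings.append("urgency-or-secrecy-language")
    return findings
```

Running `bec_indicators(SAMPLE_BEC)` returns all three indicator names; a benign message from a trusted domain with no Reply-To header returns an empty list.
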
What Does This Mean For Your Business?

Since this type of campaign is difficult to spot with automated solutions (e.g. antivirus) and relies upon human error to work, a human-centred approach to protection, such as employee training and the communication of clear blanket policies for this type of question/request/instruction that prevent any circumvention, is a wise move for businesses. As with all social engineering, the criminals use methods designed to suspend normal judgement and force an emotional reaction before reasoned, critical decision-making can happen. Knowing the signs (through training), slowing things down, feeling that they will be supported by managers, and not being afraid to ask others and stick to the policy are ways in which staff can be empowered to defend the company’s security against the threat of BEC campaigns.
