Business email compromise (BEC) scams are more common than you think. Between 2014 and 2019, businesses suffered financial losses worth over $2.1 billion on account of business email compromise, according to the Internet Crime Complaint Center (IC3).
But what exactly is business email compromise? BEC is a type of email fraud that aims to steal a company’s confidential business information or commit money transfer fraud. For instance, hackers can send emails that look like they are coming from a real employee or a trusted business partner asking you to transfer funds or share critical business information.
If hackers have defrauded your business through BEC, you should report the attack to the appropriate authorities in your state. You may also want to hire a computer hacking forensic investigator to find out the source of the attack and any other details. However, it is always a good idea to take preventive steps to protect your business from BEC scams. For instance, you can use endpoint threat prevention software that automatically detects, responds to, and prevents cyber attacks in real time. Here are some more tips on how to prevent business email compromise.
You can fend off most BEC attacks simply by being a little more cautious. Attackers use some common tactics to steal information through a BEC scam. They often try to instill a sense of urgency. For instance, a phishing email may request last-minute changes or a quick fund transfer right before the workday is over.
Scammers also use a tactic called domain spoofing, in which they try to fool victims into believing the email is coming from a credible source. For instance, the attacker may create a fake domain name that closely resembles the original domain name, such as sureexcel.com instead of surfexcel.com.
Make sure your employees are aware of the consequences of a business email compromise. Issue clear guidelines for what to do when someone receives a suspicious email. Organize training programs from time to time to educate your employees on how to identify and prevent a BEC scam. For instance, they should not respond to any emails coming from the personal email address of the sender. Always use a business email address for internal communication. Employees should also verify a request for fund transfers received via email by calling the sender directly before making the transfer. If the request comes from a senior executive, your employee may be hesitant to call them for confirmation. That’s why you should set clear rules for communication so that your employees can confidently follow up with the person sending a payment request or asking for confidential business data.
Also, set up a system for how your company should investigate an email scam. For instance, contacting a computer hacking forensic investigator immediately after a BEC attack.
Consider applying multi-factor authentication (MFA) in all of your company emails. That way, attackers must have access to a user’s physical device, such as a phone or laptop in order to hack into their account. You can also use advanced software tools for endpoint threat prevention. These tools give you real-time visibility into each enterprise endpoint so that you can respond to any possible cyber attack as they arise.
We all know very well that sugar is harmful for our teeth, it is one… Read More
There is something profoundly enduring about a saree. Across centuries, political shifts, and the relentless… Read More
When people start investing in property, their focus is usually on growth and timing. Only… Read More
Ever found yourself standing ankle-deep in murky water during your morning shower? Or perhaps you've… Read More
If you’ve spent your morning commute daydreaming about green hills, fresh air, and a backyard… Read More
Imagine searching “how to keep skin hydrated in winter” and getting a clear answer instantly,… Read More