A BEC (or Business Email Compromise) attack occurs when cyber criminals use social engineering combined with phishing and spear-phishing techniques to track people in organizations into revealing sensitive information (like passwords), transfer funds, or give up data.
Cyber criminals can use many approaches in a BEC attack but some of the more common ones to watch out for are:
Spoofing the email addresses of executives, banks, the government (like IRS) or lawyers. Cyber criminals use the fear factor to try and get you to click on links or open attachments that have malware.
Compromise trusted emails from your supply chain, like vendors you interact with regularly, or businesses that provide services to you.
Hacking email accounts with passwords that are weak or have been compromised elsewhere. With so many passwords for so many sites to keep up with, human nature is to reuse the same password in multiple places.
Protect yourself and your organization from BEC attacks by focusing on making sure you have the best protection on ALL your computers, and training and educating your team on how to identify phishing attempts and what malware can do.
Firestorm Cyber offers Cybersecurity Awareness training online and live at your business, and industry-leading services that protect and defend your computers from sophisticated attacks.
Contact us to see how we can help you protect your business!