Intelligent CISO Issue 31 | Page 38

FEATURE
sent directly to the criminals, only to then be sold on the Dark Web.
I think it’s important to analyse these various techniques because, when we’re looking at the solution, the technique that the criminals are using will dictate the controls that we implement to ultimately identify and block these threats.
What are the key differences between BEC and EAC attacks?
Business Email Compromise refers to a scam that targets specific people in the organisation to ultimately steal money or data, with the criminals using the technique of spoofing to pretend to be an executive or supplier.
Email Account Compromise is highly sophisticated, where the attacker uses various techniques to ultimately get legitimate access to the email accounts. They steal credentials by guessing a password or by sending a phishing email where, when the employee clicks on the link, they fill in their username and password and have ultimately sent those details directly to the criminal.
In the case of EAC, there are almost always two victims – the person whose email account got compromised and the other person who falls for the fraudulent request from the compromised email account.
What impact has the shift to remote working had on the frequency of these types of attacks?
It’s a lot harder for employees to physically check with their colleagues whether they really did send an ‘urgent’ or ‘confidential’ email, and with a large proportion of the workforce working from home, or working flexibly, it’s causing disruption in business processes. In addition, with the reliance on cloud systems, for example, and new ways of working, you find that people are much more likely to react, because we’re in a heightened state of emotion. People are much more likely to click and engage with a threat before following internal processes.
Proofpoint research data shows that, since March 2020, more than 7,000 CEOs or executives have been impersonated, with the average number of CEO impersonation attacks now at 102.
Since the start of the pandemic, Proofpoint has blocked half a million Business Email Compromise attacks.
Remote working and the pandemic have really increased the threat that we all face and the risk to businesses, and that’s why now is the time to pay attention to BEC and EAC attacks.
Which controls can organisations consider implementing to thwart BEC and EAC attacks?
Criminals are leveraging a number of different techniques and tactics to try to trick us, so we can’t assume that there is a silver bullet or that there is one control or one technology that’s going to solve this problem, because there isn’t. As with anything in security, it’s a layered approach – having a process and then of course making sure that our people are aware of the threats that are targeting them and that they ‘verify, verify, verify’.
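The executive spoofing and the ‘urgent’/‘confidential’ cues described in this interview, turned into a small defender-side triage check that a mail gateway or SOC script could run before a message reaches the recipient. This is an added example, not Proofpoint’s code or anything from the original article; the internal domain, the executive list, the Reply-To mismatch heuristic and the two sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed values for the example: the organisation's own mail domain and the
# executives whose names are most likely to be impersonated in a BEC attempt.
INTERNAL_DOMAIN = "example.com"
EXECUTIVES = {"Jane Doe": "jane.doe@example.com"}

# Constructed sample messages (not real traffic).
SUSPICIOUS_SAMPLE = (
    "From: Jane Doe <jane.doe@gmail-mail.example>\n"
    "Reply-To: ceo.jane@gmail-mail.example\n"
    "Subject: Urgent wire transfer\n\n"
    "Please handle this today.\n"
)
LEGITIMATE_SAMPLE = (
    "From: Jane Doe <jane.doe@example.com>\n"
    "Subject: Board pack\n\nAttached.\n"
)


def _norm(name):
    """Compare display names loosely: case, spaces and punctuation ignored."""
    return re.sub(r"[^a-z]", "", name.lower())


def bec_signals(raw_message):
    """Return the reasons a message looks like executive impersonation."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    known = {_norm(n): a for n, a in EXECUTIVES.items()}
    exec_addr = known.get(_norm(display))
    signals = []
    # Display name is an executive's, but the address is not theirs.
    if exec_addr and addr.lower() != exec_addr:
        signals.append("display name matches executive but address differs")
    # An executive's name arriving from outside the organisation's domain.
    if exec_addr and domain and domain != INTERNAL_DOMAIN:
        signals.append("executive name from external domain")
    # Replies silently redirected elsewhere (assumed extra heuristic).
    if reply_to and reply_to.lower() != addr.lower():
        signals.append("Reply-To differs from From")
    # The pressure words the interview mentions.
    subject = msg.get("Subject", "").lower()
    if any(word in subject for word in ("urgent", "confidential")):
        signals.append("urgency keyword in subject")
    return signals
```

A message that raises any signal is a candidate for the ‘verify, verify, verify’ step, i.e. out-of-band confirmation with the purported sender rather than a reply to the email.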