Business Email Compromise (BEC)

Category: News
Published: 4th October 2024


Business Email Compromise (BEC) remains a serious threat to organisations of all sizes. In these attacks, cyber criminals impersonate suppliers, partners, or even employees within your own company, leading to potential financial losses and reputational damage.

BEC occurs when a criminal gains access to or impersonates an email account to deceive others into transferring money, or to steal valuable or sensitive data. For this reason, BEC attacks are often directed at senior staff, or those who can authorise financial transactions.

In a BEC scam you may receive an email that appears to be from a legitimate source, whether internal or from an external organisation. For example, an existing vendor or supplier you regularly deal with sends an invoice with a different bank account, or the CEO asks you to order gift cards for employee rewards.

Since BEC emails are targeted at specific individuals, usually those with the ability to authorise funds, they are sent in much lower volumes and so standard email filters might not detect them, especially if they are coming from a legitimate email domain that has been compromised.

How to identify BEC scams

Check how an email makes you feel: Does the email make you feel pressured to act immediately? Does it claim the contents are confidential and should not be shared? Take a moment to re-read the emails and evaluate if the request is a typical business request.

Verify the sender: Always check the sender's email address carefully. Ensure it is coming from the company domain (although domains can also be compromised). It is also good to check that the email signature matches the email address that the email is coming from. Watch out for small variations in the domain name, such as swapping ‘I’ for ‘1’ or ‘o’ for ‘0’. One way to verify the domain is to copy and paste it into a browser to confirm it takes you to a legitimate website.
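The character-swap check described above can be automated on the defender's side. The following is an added example, not code from the original article: it reduces a sending domain to a canonical "skeleton" (1/l/i, 0/o, rn/m and similar confusables collapsed) and flags any sender whose skeleton collides with a trusted domain. The trusted-domain list, the sample From: headers and the confusable map are all constructed for illustration.

```python
"""Flag From: addresses whose domain is a homoglyph lookalike of a trusted domain."""
from email.utils import parseaddr

# Constructed confusable map: characters that are easy to misread at a glance
# are folded to one canonical letter so that lookalikes collide with the original.
SINGLE = str.maketrans({"1": "l", "i": "l", "|": "l", "0": "o",
                        "5": "s", "3": "e", "4": "a"})
# Two-character swaps are replaced before the single-character translation.
MULTI = (("rn", "m"), ("vv", "w"), ("cl", "d"))


def skeleton(domain: str) -> str:
    """Return the canonical form of a domain used for lookalike comparison."""
    s = domain.lower().strip(".")
    for src, dst in MULTI:
        s = s.replace(src, dst)
    return s.translate(SINGLE)


def sender_domain(from_header: str) -> str:
    """Extract the address domain from a From: header; the display name is ignored."""
    _display_name, addr = parseaddr(from_header)
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def classify_sender(from_header: str, trusted: set[str]) -> str:
    """Classify a From: header as 'trusted', 'lookalike' or 'unknown'."""
    domain = sender_domain(from_header)
    if not domain:
        return "unknown"          # unparseable or missing address
    if domain in trusted:
        return "trusted"          # exact match on a known-good domain
    if skeleton(domain) in {skeleton(t) for t in trusted}:
        return "lookalike"        # differs only by confusable characters
    return "unknown"


def check_samples() -> dict[str, str]:
    """Run the classifier over constructed sample headers (assumed company domain: example.com)."""
    trusted = {"example.com"}
    samples = [
        "Alice Finance <alice@example.com>",
        "CEO <ceo@examp1e.com>",      # '1' in place of 'l'
        "Supplier <ap@exarnple.com>",  # 'rn' in place of 'm'
        "Vendor <billing@ex4mple.com>",
        "Newsletter <news@unrelated.org>",
    ]
    return {h: classify_sender(h, trusted) for h in samples}


if __name__ == "__main__":
    for header, verdict in check_samples().items():
        print(f"{verdict:10} {header}")
```

A collision on skeleton is a signal to apply the out-of-band verification the article recommends, not proof of fraud on its own.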

Check with the individual: If you’re still unsure, reach out to the person through a different method, like a phone call or a message on a platform like Microsoft Teams, to verify whether they sent the email.

Protect your domain from email spoofing

It’s not only crucial to avoid falling victim to BEC scams but also to ensure your organisation’s domain can’t be used to scam others. An unprotected domain can be spoofed, allowing cybercriminals to create fraudulent lookalike domains that imitate your brand, so it is vital to have spoofing protection in place.

How to implement email protection measures

An unprotected domain increases the opportunity for your brand to be spoofed and fraudulent lookalike domains to be created. It’s important to constantly scan the web for any lookalike domains so that they can be taken down before any harm is done.

A spoofing attack can be harmful to your company, but also your whole supply chain. The repercussions of a spoofing attack include a damaged brand reputation, financial losses, decreased efficiency, and more company downtime. By making it harder for cyber criminals to infiltrate your emails and website, you can keep your organisation running smoothly.

Domain-based Message Authentication, Reporting and Conformance (DMARC) is a policy and reporting protocol that marks the first step in securing your domain against abuse. It prevents cyber criminals from impersonating you in phishing attacks by allowing email recipients to check the authenticity of incoming emails.

The next step is to introduce BIMI (Brand Indicators for Message Identification), a standard that displays your organisation’s trademarked logo beside every email. As it is achieved through a combination of a fully configured DMARC record and a digital certificate (a VMC), it ensures stronger email security for your organisation.

You also need to monitor and secure your domain names against DNS attacks. This helps to protect your customers and supply chain from those wanting to impersonate you as well as ensuring the integrity of your domains.

Automated security scanning and assessment tools will help you to evaluate your web infrastructure, SSL/TLS configurations, email security, DNS and more.

Keep your organisation safe from BEC by making sure all employees know what to look for and that your domain is protected from spoofing.