Over 100 trillion emails are sent each year, 300 billion emails on a daily basis. As such, the humble email provides for one of the main ways for unscrupulous hackers and cybercriminals to target and gain entry to business data. The email is possibly not seen as the dangerous covert means of entry to your systems and storage that it is, and as such, it presents the top threat to your business as far as cyber security is concerned.
Business email compromise has become the number one cyber threat for most businesses, and this article will discuss why this is the case and how your business can prepare for this security threat.
The Business email compromise (BEC), as detailed by Proofpoint is whereby an email is sent from what seems to be a legitimate corporate email address and will include some or all of the following aspects of email fraud.
Whaling is a cyber-crime where the email is only targeted at the very top of the company tree. The idea is that the criminal harpoons a top executive (the whale). It is a long game in the sense that a great deal of research goes into developing the email and the specific person it is written to. Initial phone calls are made to junior employees to gather names and personal details of the whale, who is then sent an email for further details or with unsafe links to click.
The personalized nature of the email makes it seem incredibly believable. Over 75% of organizations have experienced a spear-phishing attack in the last year, and these types of attacks are on the increase.
The key to this type of email fraud is that the senders’ email addresses are either exactly the same or incredibly similar to those from which the recipient generally receives remails. Then the following aspects of general email fraud are included. Either your own business email address can be used to elicit and compromise information from those in your supply chain, or one can be sent to your business from an address that seems genuine enough to cause the email to be opened.
Being aware of this type of cybercrime is thus essential and will entail having the security in place as well as the foresight to double-check all addresses before you simply open the emails. The humble email is used for so many different things and ways. As such, it is one of the predominant means that criminals are using to access sensitive data and information.
Being aware of the business compromise email and knowing how to prevent it is going to be key for all businesses going forward. Check the branding or all emails received, don’t open emails from unknown sources, and keep all virus definitions and software up to date. These are the most basic of tips that can save you a great deal of heartache, financial losses and personal information.