Deciphering Business Email Compromise (BEC) Trends

In the digital age, businesses face a myriad of cybersecurity threats, with Business Email Compromise (BEC) standing out due to its deceptive simplicity and devastating impact. Organizations are increasingly adopting Managed Detection and Response (MDR) platforms for a comprehensive defense against these threats. MDR integrates with email security, offering holistic threat detection and response, proving critical in the fight against the constantly advancing tactics of cybercriminals.

DataGuard, as a leader in cybersecurity, offers insights and solutions to combat this growing concern.

  • Human Element: The success of BEC lies in its exploitation of the weakest link in security – human psychology. DataGuard emphasizes training and awareness to fortify this front.
  • Rising Threat: The FBI’s recent warning against BEC attacks underscores their severity. DataGuard’s security solutions are designed to address these evolving threats.
  • Market Forecast: The anticipated growth of the BEC market to $2.8 billion by 2027 signifies the urgency for robust defense mechanisms, which DataGuard provides.

The Evolution of BEC

Early Scams

The Nigerian Prince Scam:

  • Originated in the 1980s via postal mail and moved to email by the 2000s.
  • Perpetrators posed as royalty or officials needing to move wealth abroad.
  • Promised a share of funds for a nominal fee, exploiting greed and naivety.

Lottery and Inheritance Scams:

  • Notified recipients of unexpected lottery wins or inheritances.
  • Required personal details or upfront fees, leading to identity theft and financial loss.

Overpayment Scams:

  • Scammers overpaid for goods or services and requested refunds.
  • Payments were fraudulent, leaving businesses financially compromised.

Executive Impersonation:

  • Impersonated senior company officials to direct employees to transfer funds or disclose sensitive data.
  • Relied on the perceived authority to bypass usual security protocols.

Initial BEC schemes were uncomplicated, not requiring advanced tactics for success. However, their profitability and adaptability to target more significant entities led to their proliferation across all sectors. The Internet Crime Complaint Center (IC3) reports that BEC scams have inflicted costs exceeding $50 billion globally, with incidents across all US states and in 177 countries. BEC is now recognized by the IC3 as one of the primary cybercrime threats in terms of financial damage.

BEC Trends

Modern Tactics in BEC

Multi-Stage AiTM (Adversary-in-the-Middle) & BEC Attacks:

  • Target financial institutions and large banks.
  • Exploit trust between organizations to override MFA.
  • Combine AiTM phishing with BEC to commandeer accounts and perpetuate fraud.

Black Hat AI in BEC:

  • Generative AI tools like WormGPT are used for crafting convincing fake emails.
  • These tools bypass safety measures to facilitate more effective BEC schemes.

Cryptocurrency BEC Variants:

  • Direct and ‘second hop’ transfers trick victims into unknowingly sending funds to crypto wallets.

Local IP Address Strategy:

  • Purchased local IPs help attackers evade “impossible travel” security flags.
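
An added example (not from the original article and not DataGuard's code) of an "impossible travel" check over sign-in events, showing why a sign-in from a local IP does not trip it. The speed threshold, the fallback check for a network the user has never used before, and the sample sign-ins are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from math import radians, sin, cos, asin, sqrt

MAX_KMH = 900.0  # assumed threshold: roughly airliner cruising speed

@dataclass
class SignIn:
    user: str
    ts: float   # epoch seconds
    lat: float  # geolocated latitude of the source IP
    lon: float  # geolocated longitude of the source IP
    asn: int    # autonomous system number of the source IP

def km_between(a, b):
    """Great-circle (haversine) distance between two sign-ins, in km."""
    dlat, dlon = radians(b.lat - a.lat), radians(b.lon - a.lon)
    h = sin(dlat / 2) ** 2 + cos(radians(a.lat)) * cos(radians(b.lat)) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def review(events):
    """Return (user, ts, reasons) for every sign-in that trips a check."""
    last, known_asns, alerts = {}, {}, []
    for e in sorted(events, key=lambda x: x.ts):
        reasons = []
        prev = last.get(e.user)
        if prev:
            hours = max((e.ts - prev.ts) / 3600.0, 1e-6)
            if km_between(prev, e) / hours > MAX_KMH:
                reasons.append("impossible_travel")
        # Fallback (assumption): geography looks normal, but the network is new.
        seen = known_asns.setdefault(e.user, set())
        if seen and e.asn not in seen:
            reasons.append("new_asn")
        seen.add(e.asn)
        last[e.user] = e
        if reasons:
            alerts.append((e.user, e.ts, reasons))
    return alerts

# Constructed sample sign-ins (ASNs taken from the private-use range).
SAMPLE = [
    SignIn("alice", 0, 52.52, 13.40, 64512),    # Berlin, usual ISP
    SignIn("alice", 3600, 52.50, 13.42, 64999), # Berlin again, unfamiliar network
    SignIn("bob", 0, 48.85, 2.35, 64513),       # Paris
    SignIn("bob", 1800, 1.35, 103.82, 64700),   # Singapore, 30 minutes later
]
```

The second "alice" sign-in is geographically plausible, so only the network-novelty check surfaces it; in practice that signal is noisy and is best combined with device and session context.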

Timing with Summer Vacations:

  • BEC attacks in Europe spike in August, exploiting reduced staffing during holidays.

BEC Attacks Broaden Their Reach Beyond Email

The FBI warns that BEC fraudsters are now leveraging new platforms, exploiting the rise in remote work. Instead of relying only on phone or email, they are infiltrating virtual meeting software.

The method starts with hijacking a top executive’s email to set up fake meetings. In these meetings, attackers might use a static image or manipulated audio to feign connection issues. The endgame is directing employees to send money to fraudulent accounts.

DataGuard’s MDR Advantage

  • Comprehensive Coverage: Unlike isolated security solutions, DataGuard’s MDR approach provides a panoramic view of threats, ensuring that no attack vector goes unnoticed.
  • Integration with Email Security: This strategy allows for a swift and automated response to threats, minimizing the window of opportunity for cybercriminals.

In Conclusion:

The sophistication of BEC attacks demands a forward-thinking approach to cybersecurity. DataGuard’s multi-faceted strategy, centered around its cutting-edge MDR platform, offers businesses a comprehensive defense mechanism. This is not just a response to current threats but a proactive measure against future vulnerabilities.

For a more in-depth understanding of how DataGuard’s solutions can protect your business from BEC attacks and other cyber threats, reach out for a discovery call. Our experts are ready to assist you in fortifying your digital communications against the sophisticated cyber threats of today and tomorrow.

Christopher Zvirbulis
Chief Commercial Officer, Partner