Business Email Compromise Transformation
In recent years, the landscape of cyber threats has undergone significant transformation, with business email compromise (BEC) attacks emerging as a prominent concern. Insurance companies report an alarming trend, noting that there are now ten instances of BEC for every ransomware attack, and projections indicate this ratio is likely to grow. Misconfiguration within Microsoft Office 365 (O365) have further exacerbated the frequency of BEC incidents.
Business Email Compromise Examples
BEC attacks predominantly utilize social engineering strategies, with approximately 70% of reported cases employing some form of social manipulation. These intricate attacks often involve deceiving individuals into transferring funds or divulging sensitive information. For instance, in one case, attackers partially accessed a victim’s email account, issuing fraudulent invoice requests and redirecting responses. This method creates the illusion that the victim retains control over their email, while the attacker manages verification communications, misleading clients into believing it is safe to proceed with the wire transfer. This deception resulted in millions of dollars being transferred to fraudulent accounts, with minimal prospects for recovery.
In another scenario, a vendor was compromised, leading to a man-in-the-middle (MITM) attack. In this case, the communication between the vendor and the customer appeared legitimate, yet the threat actor was able to modify the wire transfer instructions. As a result, customers unwittingly sent significant amounts—sometimes reaching millions of dollars—to incorrect accounts, convinced that the transactions were valid.
These occurrences present challenges for insurance claims. Generally, insurance policies stipulate the need for verification of any alterations in wire instructions. However, when communications seem authentic, this verification step is frequently neglected. Despite the implementation of advanced email filtering systems and security measures, these attacks manage to bypass defenses due to the perceived legitimacy of the compromised communication channels.
Here are a couple of detailed articles from two of our partners with further details and statistics: VIPRE Security and Microsoft
To learn more about BEC prevention and interactive employee training, contact PTS today!