Block business-damaging
impersonation attempts

Start Now

Are you sure you got an email from your CEO?

Or was it a Business Email Compromise?

Business Email Compromise (BEC) ranks among the most frequent email cybercrimes that is also one of the top culprits of huge financial losses for companies. This highly personalized social engineering attack involves hacking, spoofing or impersonating an email account in order to send an email that appears to come from a trusted source, luring the victim into sharing confidential information or transferring payments.

Types of Business
Email Compromise

The FBI differentiates between 5 types of BEC:

  • False Invoice Scheme – This is a common scenario where victims receive an email that seems to be from their supplier requesting them to pay an invoice to an account set up by scammers.
  • CEO Fraud – Very often, the Business Email Compromise will impersonate directors or executives and ask the financial department of their own company or a partner for a certain wire transfer.
  • Account Compromise – In this type of account takeover, the criminals take control of an executive’s or lower-level employee’s email account and request payment to a list of vendor accounts that are, in fact, fraudulent.
  • Attorney Impersonation– Attackers usually contact victims outside working hours, posing as lawyers or other legal professionals to make urgent confidential requests that the victim cannot immediately verify.
  • Data Theft – Typically, this type of BEC often serves as the basis for subsequent attacks, such as CEO fraud. The goal is to collect sensitive data from HR employees, such as the personal information or tax statements of their executives.

Why is Business Email Compromise so dangerous:

  • Immense financial losses – BEC is one of the most financially damaging cybercrimes.
  • Difficult to detect – It does not contain malware, dangerous links or attachments, which makes it hard to detect. Techniques such as domain spoofing and lookalike domains further complicate its identification, especially with legacy tools, point products and native cloud platform defenses.
  • It targets human behavior – Business Email Compromise relies on employees’ unawareness and distraction to be successful. Since it is technically difficult to detect, it is left mainly to employees to identify the fraud. And a human-centric defense requires training!
  • Loss of sensitive information – Stealing sensitive information, personal data, and account credentials from executives and employees authorized to make payments that can be used for further crimes.
  • Difficult and time-consuming to investigate
  • Image loss – Especially in the case of Account Compromise, the malicious email is indeed sent by the real person, which can lead to a serious loss of trust, a building block of every business relationship.

GBS can help you prevent
Business Email Compromise.

We offer:

Spam & Content Recognition

Detect and process spam with two spam engines

Categorization of mails

Content recognition

Prevention of sending confidential information to unauthorized recipients

Identification of sensitive information in emails

GO TO PRODUCT

Malware Protection

Scanning for and blocking of malware, viruses, phishing, ransomeware, email spoofing, etc.

Combination of up to 4 renown scanners

Converting attachments to PDFs to block malicious codes

GO TO PRODUCT

Data Loss Prevention

Identification of behavior anomalies

Prevention of sending confidential data

GO TO PRODUCT

Disclaimer & Signature Management

Using banners to indicate external messages

Using different footers for internal and external messages

GO TO PRODUCT

Encryption

Signing messages with the encryption standard S/MIME

GO TO PRODUCT

Do you want to protect your business from Business Email Compromise?

Simply contact our Sales team at sales@gbs.com to make an inquiry or request a demo, and we’ll be happy to work with you to improve your security posture.

Materials

Blog-Article:

Business Email Compromise – the most expensive email attack

BEC is much more dangerous and costly than phishing

Business Email Compromise (BEC) is yet another attack tactic that has been on the rise in the last several years. According to different studies and researchers (e.g. FBI Crime Complaint Center), BEC is one of the most lucrative attacks for cybercriminals. Based on an FBI research (I3C), losses from BEC scams amount to $1.8 billion in the US alone. This is a fourfold increase compared to 2016. Furthermore, Statista reports that the number of BEC attacks is growing every year.

View