When Business Email Compromise (BEC) attacks first began showing up as a problem a few years ago, the FBI warned that the scam “relies on the oldest trick in the con artist's handbook: deception”. The basic premise may not be very sophisticated, but it is very effective. Since 2013, organized crime groups have targeted large and small companies and organizations in every U.S. state and more than 100 countries around the world, from non-profits and well-known corporations to churches and school systems. Losses are in the billions of dollars and climbing. In its recently released 2019 Internet Crime Report, the FBI said it had recorded more than $1.7 billion in losses related to 23,775 BEC attacks. That was nearly half of all reported losses from cybercrime.
How Do BEC Attacks Work?
The basic aim is to trick company employees into making sensitive information, funds or access available to the attackers. Examples of this are:
Giving access to company finances
Electronically transferring funds into an account of the criminals' choosing
Giving access to a company’s network
Often, these attacks begin with a combination of spear-phishing and malware, after which the criminals carry out surveillance on the organization and its senior executives. Then, at a time of their choosing, based on what they have learned about the schedules and communication habits of executives, the criminals send phony emails, purportedly from an executive, to someone in finance requesting an immediate wire transfer.
The following are some tools used by cybercriminals to target and exploit their victims:
Spoofing e-mail accounts and websites: Slight variations on legitimate addresses (email@example.com vs. firstname.lastname@example.org) fool victims into thinking fake accounts are authentic. The criminals then use a spoofing tool to direct e-mail responses to a different account that they control. The victim thinks he is corresponding with his CEO, but that is not the case.
Spear-phishing: Bogus e-mails, believed to be from a trusted sender, prompt victims to reveal confidential information to the BEC perpetrators.
Malware: Used to infiltrate company networks and gain access to legitimate e-mail threads about billing and invoices. That information is used to make sure the suspicions of an accountant or financial officer are not raised when a fraudulent wire transfer is requested. Malware also gives criminals undetected access to a victim’s data, including passwords and financial account information.
How Can You Prevent a BEC Attack?
One of the core features of the Gold Comet solution is “whitelisting”. Whitelisting is the practice of explicitly allowing identified entities a privilege, service, mobility, access or recognition. It is the reverse of blacklisting, which explicitly denies access. As implemented within the Gold Comet system, whitelisting is a process of controlling the accounts with which you may communicate, and it eliminates the risk of these BEC attacks. If an email address is not whitelisted, its emails are not delivered into the Gold Comet system, eliminating spam, spoofed email accounts, phishing (including spear-phishing), and malware. Through our use of additional email security tools, even malware sent from a whitelisted email address is identified and removed from incoming messages.
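As an added illustration, not Gold Comet's own code (the page does not describe its implementation), the following Python filter shows the kind of sender allowlist check described above and the lookalike-address trick described under spoofing: the decision is made on the real address, never on the display name, only exact allowlist matches are delivered, and rejected near-misses are flagged for review. The allowlist entries and threshold are constructed sample values.

```python
import email.utils
from difflib import SequenceMatcher

# Constructed sample allowlist: the only addresses this mailbox may exchange mail with.
ALLOWLIST = {
    "ceo@example.com",
    "cfo@example.com",
    "billing@supplier-example.org",
}


def normalize(addr):
    """Lower-case and trim the addr-spec so comparisons ignore case differences."""
    return addr.strip().lower()


def nearest_allowed(addr):
    """Return the allowlisted address most similar to addr and a 0..1 similarity ratio."""
    best, score = "", 0.0
    for allowed in ALLOWLIST:
        ratio = SequenceMatcher(None, addr, allowed).ratio()
        if ratio > score:
            best, score = allowed, ratio
    return best, score


def classify_sender(from_header, lookalike_threshold=0.85):
    """Decide whether mail carrying this From: header is delivered.

    Only the addr-spec counts; a display name can claim to be anyone
    (for example "ceo@example.com" <someone@other.example>).  Exact
    allowlist matches are delivered, everything else is rejected, and a
    rejected address that closely resembles an allowlisted one is labelled
    as a lookalike so a reviewer can spot an attempted impersonation.
    """
    display_name, addr = email.utils.parseaddr(from_header)
    addr = normalize(addr)
    if not addr or "@" not in addr:
        return {"action": "reject", "reason": "unparseable From header"}
    if addr in ALLOWLIST:
        return {"action": "deliver", "address": addr}
    nearest, score = nearest_allowed(addr)
    reason = "not allowlisted"
    if score >= lookalike_threshold:
        reason = "not allowlisted; lookalike of " + nearest
    return {"action": "reject", "address": addr,
            "display_name": display_name, "reason": reason}
```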
Our motto at Gold Comet is “Total Privacy for your Online Communications”. Gold Comet was established with one thing in mind: to bring privacy to your online communications. That is why we are constantly updating our cyber security posture. We started with a patented encryption system and built upon that.