Business email compromise attack techniques use newly stolen accounts or accounts that appear to legitimately be part of a reputable business to launch cyberattacks. These attacks typically aim to make the victim reveal sensitive information, grant access to other parts of the network, or directly send money or resources to the attacker. Hackers will target businesses of any size, and SMBs frequently become involved in either having their business email compromised or being sent emails from a compromised account. These attacks use social engineering strategies to be successful, so we want to outline three common business email compromise attack techniques, so SMBs can be more prepared to identify malicious emails and lower the likelihood of giving up sensitive data!
Taking Over Conversations
A common business email attack technique is the attacker responding to email conversations that the victim has recently been having. They will request sensitive information or leverage the conversation to demand resources or payments to be sent directly to them. By taking over communications already established as trustworthy, attackers have a better chance of the other party complying with their demands. If communication with a client or contractor becomes confrontational or sensitive data is requested, it is encouraged to contact the account owner using another form of communication. One call can reveal the business email compromise attack technique before your business sends protected data.
Mass Emails
Once attackers have taken over an email account, they may use it to send out a massive number of malicious emails to the account owner’s contact list and other email addresses. Because the victim’s account is a legitimate business account, people on the victim’s contact list will usually trust the email and other businesses may be less suspicious of an email from the account. These emails will leverage the account’s trustworthiness to request information or ask the user to click on a malicious link or attachment that will lead to further attacks. SMBs should always be suspicious of emails that require an action on their part, and it is best practice to not click on unexpected links or attachments.
Spear Phishing
A less common business email compromise attack technique is to use compromised accounts to launch a spear phishing campaign. Spear phishing attacks target specific companies and individuals with complex, well-designed strategies. A business email that has been taken over can be used to aid a spear phishing campaign because of its trustworthiness and close ties with the intended target. Malicious actors will often use BEC attacks to gain access to clients or contractors of their actual target, so SMBs should train employees on strong cybersecurity skills and strong password hygiene. It is also recommended to work with an IT consultant for a network assessment after employee credentials have been compromised.
Summary
Small and medium companies must be aware of business email compromise attack techniques because it is only a matter of time before a malicious email appears in your inbox. Having the right training in place and knowing how to respond to common social engineering strategies can stop an attack before it has a chance to damage your network. The Robinett Consulting team knows that BEC attacks can cause companies to close their doors, so we want to work with your small or medium business to help protect employees from BEC attacks and re-secure your network after an account compromise!