Business Email Compromise Warning Signs

As online threats keep evolving, one type of attack is especially effective at manipulating people: business email scams. These scams rely far more on deceiving people than on hacking into systems, which shows how important it is to recognise and protect against deception in today's online world.

Business email compromise (BEC) attacks are one type of attack particularly adept at manipulating human behaviour. These schemes heavily exploit social engineering tactics, emphasizing the need to grasp and counteract the skillful use of deception.

Social engineering, present in 90% of phishing attacks today, is the cornerstone of BEC attacks. These schemes exploit human vulnerabilities, leveraging urgency, emotional manipulation, and familiarity to trick individuals into divulging sensitive information or performing unauthorized actions.

Understanding common social engineering tactics and the threat groups behind them is crucial for businesses seeking to fortify their defences against BEC attacks.

Exposing Threat Actor Groups

Diamond Sleet: Notorious for its software supply chain attack on JetBrains, Diamond Sleet poses a significant threat to organizations. By infiltrating build environments, this group jeopardizes the integrity of software development processes, warranting heightened vigilance from affected entities.

Sangria Tempest (FIN): Sangria Tempest specializes in targeting the restaurant industry, employing elaborate lures such as false food poisoning accusations to steal payment card data. Leveraging underground forums for recruitment and training, this Eastern European group has orchestrated numerous successful attacks, compromising millions of payment card records.

Octo Tempest: This group, driven by financial motives, employs sophisticated adversary-in-the-middle (AiTM) techniques and social engineering tactics. Initially targeting mobile telecommunications and business process outsourcing firms, Octo Tempest later partnered with ALPHV/BlackCat to amplify its impact through ransomware operations.

Midnight Blizzard: Operating primarily out of Russia, Midnight Blizzard targets governments, diplomatic entities, NGOs, and IT service providers across the US and Europe. Utilizing Teams messages as lures, this group aims to steal credentials by engaging users in multifactor authentication (MFA) prompts.

Safeguarding Against Social Engineering Fraud

Protecting against social engineering fraud requires a multifaceted approach. First, keep personal and work accounts separate. Doing so mitigates the risk of attackers exploiting personal information to impersonate trusted entities and gain access to corporate data.

It is critical to implement Multi-Factor Authentication (MFA). While MFA adds an extra layer of security, businesses should be vigilant against emerging threats like SIM swapping. Linking MFA to authentication apps rather than phone numbers can mitigate this risk.

Educating users on the dangers of oversharing personal information online is also extremely important. Limiting the availability of personal details reduces the effectiveness of social engineering tactics that rely on establishing trust.

Businesses must deploy robust endpoint security, firewalls and email filters to safeguard against phishing attempts and other malicious activities. These defences serve as critical barriers against intrusions and data breaches.
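As an added illustration (not part of the original article), the sketch below shows how an email filter rule might flag the urgency and familiarity cues described earlier, along with a mismatched Reply-To address. The organisation domain, executive names, keyword list and sample messages are all hypothetical, constructed values.

```python
# Added example: heuristic BEC warning-sign check, not code from the article.
# ORG_DOMAIN, EXECUTIVES and URGENCY_TERMS are hypothetical illustration values.
import re
from email import message_from_string
from email.utils import parseaddr

ORG_DOMAIN = "example.com"
EXECUTIVES = {"jane doe", "sam patel"}
URGENCY_TERMS = re.compile(r"\b(urgent|immediately|asap|confidential|wire transfer)\b", re.I)

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def bec_warning_signs(raw_message):
    """Return the list of warning signs found in one single-part message."""
    msg = message_from_string(raw_message)
    display, _ = parseaddr(msg.get("From", ""))
    from_dom, reply_dom = domain_of(msg.get("From")), domain_of(msg.get("Reply-To"))
    signs = []
    # Familiarity: a known executive's name on an address outside the organisation.
    if display.strip().lower() in EXECUTIVES and from_dom != ORG_DOMAIN:
        signs.append("executive display name on external address")
    # Replies routed to a different domain than the visible sender.
    if reply_dom and reply_dom != from_dom:
        signs.append("Reply-To domain differs from From domain")
    # Urgency: pressure language in the subject or plain-text body.
    body = msg.get_payload() if not msg.is_multipart() else ""
    if URGENCY_TERMS.search(msg.get("Subject", "") + "\n" + body):
        signs.append("urgency or payment-pressure language")
    return signs

# Constructed sample messages (not real traffic).
SUSPICIOUS = """From: Jane Doe <jane.doe@mail-example.test>
Reply-To: accounts@other-host.test
Subject: Urgent payment needed

Please process this wire transfer immediately and keep it confidential.
"""
ROUTINE = """From: Jane Doe <jane.doe@example.com>
Subject: Q3 budget review notes

Attached are the notes from Tuesday's meeting.
"""

if __name__ == "__main__":
    for name, raw in (("suspicious", SUSPICIOUS), ("routine", ROUTINE)):
        print(name, bec_warning_signs(raw))
```

Heuristics like these produce false positives and are best used to add a warning banner or route a message for review, not as the sole basis for blocking.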

By staying informed about ongoing threat intelligence and maintaining up-to-date defences, businesses can effectively thwart the increasingly sophisticated tactics employed by social engineering threat actors. Proactive measures are essential in safeguarding against the pervasive threat of social engineering fraud.
 
John McLoughlin is CEO of J2 Software
