- Get link
- X
- Other Apps
- Get link
- X
- Other Apps
With business e-mail compromise, hackers target specific business e-mail addresses - often those of your superiors. This way you can spot the attack before damage occurs.
Everyday Emails Are at High Risk of Being Hacked
Even in times of modern
instant messaging applications such as Slack or Discord, the good old e-mail
still has a central position in communication in a business context - whether
as a means of interacting with
customers or negotiating contracts
with suppliers and managing employees through
to internal file sharing. It
are precisely this everyday use and the fact that emails are a matter of course
that make them one of the most attractive avenues for hacking companies. How
successful they are is shown by the latest figures in Verizon's Data Breach Report, according to which e-mails remain the
most common attack vector (96%) for social
engineering attacks valid. Above all, phishing attacks on companies, the so-called “Business
Email Fraud” or “Business Email Compromise” (German: business email fraud),
cause immense costs.
Business E-Mail Compromise Can Affect Anyone
Business e-mail fraud
can take many forms: from relatively easy-to-recognize mass mailings sent to
employees of a company to extremely well-prepared spear-phishing
attacks against individual
employees. In theory, anyone with a business email address is affected. Particularly
perfidious: fraudsters often pose as colleagues, in some cases also as
superiors. Then one speaks of the so-called “CEO Fraud” (German: Superiors Fraud).
How Can I Recognize Business Email Compromises?
Even if the forms of business e-mail compromise is quite diverse, you can recognize them based on certain criteria. This enables you to take action yourself and successfully defend your company on the cyber front. It is possible to detect and prevent email fraud even if you are not an expert in the field of cybersecurity. These six factors are common to many counterfeit or fraudulent emails in the business context - they will help you identify dangerous emails and avoid business email compromise and CEO fraud:
- Urgency: Cyber
criminals have a great interest in carrying out frauds quickly in order
to prevent any suspicion or even a critical examination by the victim in
the first place. To increase the pressure on the victim, they open
up big guns, such as an alleged breach of contract, a penalty for an
overdue bill, an account suspension, or the shutdown of service.
- Badly revised
communication: Serious
companies invest a lot of time and money in the design of emails in order
to maintain and improve the reputation of their brand. Generic
greetings, grammatical errors, and bad formatting are striking signals of
business email compromise or phishing emails.
- Contacts only by mail: Hackers try to maintain their false identities and avoid personal contact. In the case of unusual or urgent inquiries, an authenticity check by the telephone may be sufficient to unmask them.
- Strange URLs
and domains: Many hackers use external links in phishing emails to redirect potential victims to fake websites or a form where personal and financial information is collected. The wrong links are often difficult but can be recognized by a trained eye. An example is inconsistent links where the display and destination URLs do not match. Other are fake, slightly changed URLs such as “webside.com”
instead of “website.com”.
- No flexible
support: Cyber
criminals often imitate well-known brands and organizations to exude trust and credibility with their victims. Medium-sized and large companies often offer differentiated customer support and often have employees who have been trained for special issues. Therefore,
in the event of uncertainty, it helps to inquire about specialist contact
persons and thus check whether an information request is legitimate.
- Dubious
attachments: Another common phishing technique is adding
one or more malicious attachments to fraudulent emails. These files
can contain viruses or other types of ransomware / malware . Particular attention should
be paid to unknown senders and especially to certain file types such as
compressed files (e.g. .rar, .zip), files that are used to execute
program codes (e.g. .bat, .cmd, .exe & .msi) and Macro-enabled
documents (e.g. .docm, .pptm and .xlsm).
- Use antivirus: This is very essential to use security software to provide protection to your confidential data. Try Protegent360's free antivirus software to give maximum protection.
- Get link
- X
- Other Apps
Comments
Post a Comment