Business Email Compromise Warning Signs

Uploaded on 2024-06-11 in TECHNOLOGY--Resilience, FREE TO VIEW

As online dangers keep changing, one type of attack really tricks people's minds: business email scams. These scams rely a lot on tricking people rather than hacking into systems. It shows how important it is to know and protect against trickery in today's online world.

Business email compromise (BEC) attacks are one type of attack particularly adept at manipulating human behaviour. These schemes heavily exploit social engineering tactics, emphasizing the need to grasp and counteract the skillful use of deception.

Social engineering, present in 90% of phishing attacks today, is the cornerstone of BEC attacks. These schemes exploit human vulnerabilities, leveraging urgency, emotional manipulation, and familiarity to trick individuals into divulging sensitive information or performing unauthorized actions.

Understanding common social engineering tactics and the threat groups behind them is crucial for businesses seeking to fortify their defences against BEC attacks.

Exposing Threat Actor Groups

Diamond Sleet:  Notorious for its software supply chain attack on JetBrains, Diamond Sleet poses a significant threat to organizations. By infiltrating build environments, this group jeopardizes the integrity of software development processes, warranting heightened vigilance from affected entities.

Sangria Tempest (FIN):  Sangria Tempest specializes in targeting the restaurant industry, employing elaborate lures such as false food poisoning accusations to steal payment card data. Leveraging underground forums for recruitment and training, this Eastern European group has orchestrated numerous successful attacks, compromising millions of payment card records.

Octo Tempest:  This group, driven by financial motives, employs sophisticated adversary-in-the-middle (AiTM) techniques and social engineering tactics. Initially targeting mobile telecommunications and business process outsourcing firms, Octo Tempest later partnered with ALPHV/BlackCat to amplify its impact through ransomware operations.

Midnight Blizzard:  Operating primarily out of Russia, Midnight Blizzard targets governments, diplomatic entities, NGOs, and IT service providers across the US and Europe. Utilizing Teams messages as lures, this group aims to steal credentials by engaging users in multifactor authentication (MFA) prompts.

Safeguarding Against Social Engineering Fraud

Protecting against social engineering fraud requires a multifaceted approach. Firstly, maintain separation of personal and work accounts. By keeping personal and work accounts separate, individuals can mitigate the risk of attackers exploiting personal information to impersonate trusted entities and gain access to corporate data.

It is critical to implement Multi-Factor Authentication (MFA). While MFA adds an extra layer of security, businesses should be vigilant against emerging threats like SIM swapping. Linking MFA to authentication apps rather than phone numbers can mitigate this risk.

Educating users on the dangers of oversharing personal information online is also extremely important. Limiting the availability of personal details reduces the effectiveness of social engineering tactics that rely on establishing trust.

Businesses must deploy robust endpoint security, firewalls and email filters to safeguard against phishing attempts and other malicious activities. These defences serve as critical barriers against intrusions and data breaches.

By staying informed about ongoing threat intelligence and maintaining up-to-date defences, businesses can effectively thwart the increasingly sophisticated tactics employed by social engineering threat actors. Proactive measures are essential in safeguarding against the pervasive threat of social engineering fraud.
 
John McLoughlin is CEO of J2 Software

Image: AntonioGuillem

You Might Also Read:

Businesses Must Prioritise Safeguards Against Common Threats:

DIRECTORY OF SUPPLIERS - Email Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« London Hospitals Held To Ransom
OpenTofu's New State File Encryption Is A Boon For IaC Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CERT-MU

CERT-MU

CERT-MU is the Mauritian National Computer Security Incident Response Team.

MASS

MASS

MASS provides world-class capabilities in electronic warfare operational support, cyber security, information management, support to military operations and law enforcement.

Aiuken Cybersecurity

Aiuken Cybersecurity

Aiuken is an international IT Security company, focused on communications and IT technologies, specialised in Security and Cloud Services solutions with high added value.

Fraud.com

Fraud.com

Fraud.com ensures trust at every step of the customer's digital journey; this complete end-to-end protection delivers unified identity, authentication and fraud detection and prevention.

Cyber Pathways

Cyber Pathways

Cyber Pathways brings together the next generation of Cyber professionals along with delegates who are looking to cross train and enter the cyber market.

About Cyber Security.

About Cyber Security.

About Cybersecurity provides a galaxy-wide knowledge base of cybersecurity tactics and techniques derived from actual experience.

Secure Technology Integration Group (STIGroup)

Secure Technology Integration Group (STIGroup)

Secure Technology Integration Group, Ltd. (STIGroup) is an innovative firm that provides CyberSecurity consulting, secure IT engineering, managed security services, and human capital solutions.

Stealth-ISS Group

Stealth-ISS Group

Stealth–ISS Group is your extended IT, cyber security, risk and compliance team, providing strategic guidance, engineering and audit services, along with technical remediation and security operations.

Wayra

Wayra

Wayra connects Telefónica and technological disruptors around the world. As their preferred strategic partner, we scale them up to accelerate their business and ours.

A&O IT Group

A&O IT Group

A&O IT Group provide IT support and services including IT Managed Services, IT Project Services, IT Engineer Services and Cyber Security.

ESC - Enterprise Security Center

ESC - Enterprise Security Center

ESC is a system house specializing exclusively in IT security - Security Implementation & Optimization, Operations, Managed Security Services.

Network Perception

Network Perception

Network Perception proactively and continuously assures the security of critical OT assets with intuitive network segmentation verification and visualization.

KnoTra Global

KnoTra Global

KnoTra Global is a next-generation Managed Service provider with a portfolio of services including Cybersecurity Solutions, Network Management, IT Leadership, and Day-to-Day Helpdesk and IT services.

SphereX Technologies

SphereX Technologies

SphereX is the first on-chain security solution for Web3 applications.

CyAmast

CyAmast

CyAmast is an IoT Network security and analytics company that is changing the way enterprise and governments detect and protect networks from the pervasive threat of cyber attacks.

CERT.ar

CERT.ar

CERT.ar is the national Computer Emergency Response Team for the technical-administrative management of computer security incidents in the National Public Sector of Argentina.