Business Email Compromise (BEC) Attack and Protection Methods

Salim Doğan CESUR
Jan 29, 2023

BEC is an online fraud method that occurs when email security is breached. It causes heavy financial damage to institutions and organizations. BEC is also described as a "man in the mail" attack. Although the BEC attack method may seem simple, it is extremely effective: the attacker pretends to be a trusted source and makes the request through an email that looks legitimate.

We can explain the BEC attack method in more detail as follows:

• Attackers use domain names that closely resemble the domain they are targeting. These look-alike domains are called Cousin Domains.

• Attackers send legitimate-looking email content from an account that appears legitimate in order to get victims to reveal their information.

• Attackers request money or access information by sending malicious mail disguised as billing.

Recommendations for protection from the BEC attack method:

• Be careful with the information you share on social media and online platforms. When you openly share information such as the names of family members or pets, it becomes easier for an attacker to guess your password.

• Do not click links in spam emails or text messages that ask you to update or verify account information.

• 2FA (Two-Factor Authentication) is one of the secure methods for authenticating a person. Take care to use 2FA to verify identity.

• Be careful when reviewing any correspondence, especially URLs. Scammers use slight differences to trick your eye and gain your trust.

• Do not forget to get voice confirmation before making a payment.

• Be especially careful if the content of the mail puts pressure on you to make a payment.
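The Cousin Domains and the "slight differences" in addresses described above can be checked automatically before a payment request is acted on. The following is an added example, not code from the original article: the trusted domain list, the look-alike table and the function names are assumptions made for illustration.

```python
import re
from email.utils import parseaddr

# Constructed sample allow-list: domains the organisation really corresponds with.
TRUSTED = {"example.com", "example-supplier.com"}
# Small, non-exhaustive table of visual substitutions (an assumption of this sketch).
FOLD = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("5", "s"))

def skeleton(name: str) -> str:
    """Fold look-alike characters so 'examp1e' and 'exarnple' both become 'example'."""
    for src, dst in FOLD:
        name = name.replace(src, dst)
    return name

def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment: insert, delete, substitute, swap adjacent characters."""
    d = [[max(i, j) if 0 in (i, j) else 0 for j in range(len(b) + 1)]
         for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def classify_sender(from_header: str, trusted=TRUSTED, max_dist: int = 2):
    """Return (verdict, matched trusted domain or None) for a From header value."""
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower().rstrip(".")
    if domain in trusted:
        return "trusted", domain
    name = domain.rpartition(".")[0]  # naive: drops only the last label as the TLD
    for good in sorted(trusted):
        good_name = good.rpartition(".")[0]
        if (skeleton(name) == skeleton(good_name)         # homoglyphs or swapped TLD
                or edit_distance(name, good_name) <= max_dist  # typos, transpositions
                or good_name in re.split(r"[-.]", name)):      # example-billing.com
            return "cousin", good
    return "unknown", None

if __name__ == "__main__":
    for hdr in ("Accounts <ap@example.com>", "ap@examp1e.com", "ceo@exmaple.com",
                "pay@example-billing.com", "news@unrelated.org"):
        print(hdr, "->", classify_sender(hdr))
```

A "cousin" verdict is a reason to hold the message and confirm by voice, while "trusted" only means the domain text matches and says nothing about whether the mailbox itself has been taken over.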

You can listen to the song of this article here. Thanks for taking the time to care.
