Business Email
Compromise
Business Email Compromise uses social engineering
techniques like spoofing and spear-phishing to
infiltrate your systems, monitor your communications,
access your data, and steal your money
Business Email Compromise (BEC) illustrates that it just takes one compromised credential or unaware employee to invite a crippling cyber-attack
What is Business Email Compromise?
Business Email Compromise (BEC) leverages social engineering tactics with the purpose of gaining the confidence of an employee and convince them to give up their credentials, change banking details, transfer funds, or steal data.
According to the FBI, BEC monetary losses since 2015 are in the billions. It affects thousands every year, and doesn’t discriminate between small, midsized, and large business. Everyone is at risk! Learn how to protect yourself…
Social Engineering Tactics
Phishing: Sending fraudulent communications with an intent to steal login credentials, install malware, or infiltrate a mailbox from an unsuspecting recipient.
Spoofing: Sending email messages with a forged sender address or domain name. Often this appears as a single-character difference. If the sender’s mailbox has been compromised, spoofing is not required.
Spear-Phishing: Targeted phishing which prioritizes decision makers and those who handle money like executives and accountants
Anatomy of an Attack:
- Step 1: Identify a Target
- Step 2: Grooming
- Step 3: Exchange of Information
- Step 4: Wire Transfer
Types of Business Email Compromise:
- Bogus Invoice Scheme
- CEO Fraud
- Account Compromise
- Attorney Impersonation
- Data Theft
What is the Identity Perimeter?
Combating Business Email Compromise requires an organizational shift in your security practices. That starts which protecting each employee’s identity and login credentials.
Before the digital age, most of your corporate assets could be reasonably secured using locks on file cabinets, security cameras, and loyal employees. Once the digital age hit, it became a more difficult to protect your organization. Securing your network required more effort, including restricting what devices could access data, hiring IT administrators and deploying server firewalls. But then, there was the cloud revolution. With data moving off private servers and onto cloud services, your business assets are now protected only by the strength of your employee’s login credentials
Check out some of Peters & Associates solutions to help mitigate the threat of Business Email Compromise to your business:
Security Health Check for Office 365
With corporate email compromise on the rise, securing your information and digital corporate assets is now more important than ever before.
Secure Identity:
- Conditional Access
- Multi-Factor Authentication
Tenant Settings:
- Administrator settings
- High-risk situations
Automating Tenant Security
- Monitoring threats
- Responding to incidents
We can help you learn how to leverage capabilities
available to you in Office 365 to increase your
security posture.
Multi-Factor Authentication for Office 365
Multifactor authentication is one of the most effective tools to combat identity compromise and protect your business.
A basic implementation of Modern Authentication and MFA to be enabled in Office 365 includes…
- Pilot MFA process with user subset
- Enable Modern Authentication
- Enable Multi-Factor Authentication
- Deploy App Passwords
- Setup trusted IP ranges
- Apply rules across enterprise
- Jumpstart support
Remediation for Office 365
This can include:
- Instituting new Office 365 controls
- Restore compromised credentials
- Fix erroneous mailbox rules
Remediation takes the
findings of the Security
Health Check and corrects
any issues.
Weekly Security Audit for Office 365
Our Office 365 Weekly Security Audit can help you identify weaknesses in your system’s current Office 365 security while monitoring for suspicious activity.
With this automated report, you can compare security events across time periods and gain insight into the true effectiveness of your security practices.
A Weekly Security Audit Can Track:
- Upcoming license expiration
- Proper mailbox auditing
- High current Utilization of license
- Forwarding settings abnormalities
- Mailboxes enabled for unusual protocols
- Mailboxes enabled for unusual connection methods
- Old/unused mailboxes
- Authentication outside of the country
Dark Web Scrapes
Dark Web Discovery
Past security events or breaches may have left your organization’s corporate data available. We can scrape the dark web for this information. This can include:
- Sensitive corporate and customer data
- Compromised credentials
- Insider information and trade secrets
Citrix Workspace Services
XenApp & XenDesktop, XenServer
- Security and Compliance
- Simplified IT
- Cost Savings
Cost-Effective, secure
delivery of Windows
applications and
desktops to any device
with Industry-leading
server virtualization
DirectAccess Planning Assessment
Benefits of Microsoft’s DirectAccess
- Simplified VPN experience – no client for users to launch
- Consistent user logon experience both local & remote
- Secure remote access of corporate resources
- Maintain security updates, corporate policies on remote computers
Breach Response
Breach Response
After a security event occurs, an examination of what lead to that breach, or others in the past, can prevent future exposure. This can include activities such as:
- Historical and active threat hunting
- Memory and network forensics
- Declarative statements about security incidents
Ready to protect your business?
Solution in action
SGA
Control costs and provide excellent service through a managed service agreement, allowing a non-profit to keep more funds focused on serving their community…