Edgewave Solutions

Business Email Compromise

Deceptive emails need defense-in-depth security

Business Email Compromise (BEC) continues to generate huge profits for cybercriminals, topping $12B globally. It works because the level of sophistication in this multifaceted global fraud tactic is unprecedented resulting in professionals continuing to fall victim to the scheme.

Social networks make finding information about your organization exceedingly simple, so creating targeted emails that look legitimate is child’s play. And with workers today constantly bombarded with information from multiple channels across numerous devices, expecting them to be always vigilant is most impossible.

BEC can take a variety of forms. But in just about every case, the scammers target employees with messages that highlight the need for urgent access to company finances, and trick them into making wire transfers to bank accounts thought to belong to trusted partners—except the money ends up in accounts controlled by the criminals.

Tools of the BEC trade

Spoofing e-mail accounts and websites

Slight variations on legitimate addresses (john.kelly@abccompany.com vs. john.kelley@abccompany.com) fool victims into thinking fake accounts are authentic. The victim thinks he is corresponding with his CEO, but that is not the case.

Spear-phishing

Bogus e-mails believed to be from a trusted sender prompt victims to reveal confidential information to the BEC perpetrators.

Social Engineering

Using readily available information from social media networks increases the apparent legitimacy of an email. If it “looks” like it came from the CEO, uses the same name found on their social network profile, and uses my correct name (and title perhaps), it must be valid.

How to stop the scams.

EdgeWave’s Email Security Platform provides 3 layers of security to help block and remove BEC attacks. Our Predelivery Protection, Postdelivery Detection and Incident Response solutions offer defense-in-depth that gives you and your users tools to spot, analyze and remediate threats. Predelivery Protection analyzes all email, applying numerous technologies to detect malicious or spoofed email. Predelivery Protection is an integral part of any email security strategy strategy, yet no email gateway can address extremely targeted attacks like spear-phishing.

To address these highly targeted email threats, EdgeWave Postdelivery Detection lets users instantly submit any suspicious email to the EdgeWave Threat Detection Center for analysis. Once an email is classified as malicious, our Incident Response solution automatically deletes all copies of the same email from all users’ inboxes. In today’s world of sophisticated BEC attacks, having these additional layers on top of your email gateway is essential to protecting your data and organization.