Business email compromise (BEC) is a cyber-attack that is designed to gain access to critical business information or extract money through email-based fraud.
Cybercriminals send emails that appear to come from trusted entities such as the CEO, the CFO, or a business partner. These emails are sent in an attempt to trick the victim into revealing sensitive information about the company. It is a type of cybercrime with the potential to cost a company millions of dollars, along with the loss of assets and sensitive information.
Many business owners believe that BEC can only happen to bigger entities like MNCs. The fact is that SMEs are targeted just as often, and even the most astute can fall victim to one of these sophisticated schemes.
How Can BEC Affect Organizations?
Unlike standard forms of phishing, which are aimed at many people at a time, BEC attacks are more thoroughly researched and targeted at a single person. In most cases, these targeted attacks are designed to breach the network of a commercial, governmental, or even non-profit organization with a very specific goal.
In today's remote working environment, video conferencing and other collaboration tools have become indispensable, and cybercriminals are taking advantage of this by sending malicious emails that impersonate a notification from a collaboration platform. Let's say employees get an email that appears to come from the head of IT and asks them to email back the login details of their cloud accounts because of an IT update; in reality it is a phishing mail. Employees who are not aware of such tricks will send their credentials, and the cybercriminals will then use those credentials to breach the company's security.
During the third quarter of 2020, the average number of BEC attacks received per company each week rose by 15% from the second quarter.
It is clear that BEC is increasing rapidly, with cybercriminals coming up with innovative ways to get away with fraud.
This is why industry experts have developed email authentication protocols like DMARC to offer a high level of protection against impersonation.
What Is Email Authentication?
It is a technical way to prove that an email is not forged; it provides a way to verify that an email is coming from a trusted source. It helps block spam and phishing emails.
Simple Mail Transfer Protocol (SMTP), the industry standard for email transfer, has no built-in feature for message authentication. This gap leaves businesses exposed to phishing emails and domain spoofing attacks.
Therefore there is a need for high-end email authentication protocols like DMARC.
How Does Email Authentication Work?
Email authentication generally works like this:
- The business or domain owner establishes rules for authenticating emails from all of its sending domains.
- The organization configures its sending email servers and email infrastructure to implement these rules.
- The email authentication rules are published in the DNS (Domain Name System) records for each sending domain.
- The mail server receiving an email authenticates the sender according to the established rules.
- Receiving email servers handle emails according to the authentication results to correctly deliver, quarantine, or reject emails.
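As an added illustration of the last two steps (this is example code, not from the original article or any DMARC implementation), the following Python sketch parses a DMARC record of the kind published in DNS and applies the receiver-side check: the message passes only if SPF or DKIM passed for a domain aligned with the visible From: domain, otherwise the published policy applies. It goes slightly beyond the article by showing both relaxed and strict alignment; the record and domain names are constructed placeholders.

```python
# Constructed DMARC TXT record, as it would be published at _dmarc.example.com
# (example.com is a placeholder domain, not one from the article).
SAMPLE_RECORD = "v=DMARC1; p=quarantine; adkim=s; aspf=r; rua=mailto:dmarc@example.com"


def parse_dmarc(record):
    """Parse 'tag=value; tag=value' into a dict and fill in the RFC 7489 defaults."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a valid DMARC record")
    tags.setdefault("adkim", "r")  # DKIM alignment mode, relaxed by default
    tags.setdefault("aspf", "r")   # SPF alignment mode, relaxed by default
    return tags


def org_domain(domain):
    """Rough organizational domain: the last two labels. Real receivers use the
    Public Suffix List, so multi-label suffixes such as co.uk are mishandled here."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(from_domain, auth_domain, mode):
    """Strict ('s'): exact match. Relaxed ('r'): same organizational domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def dmarc_disposition(record, from_domain, spf_pass, spf_domain, dkim_pass, dkim_domain):
    """Return ('pass', 'none') or ('fail', <published policy>) for one message.
    from_domain: domain in the visible From: header (what the recipient sees)
    spf_domain:  SMTP MAIL FROM domain that SPF was evaluated against
    dkim_domain: d= tag of the DKIM signature that verified"""
    tags = parse_dmarc(record)
    spf_ok = spf_pass and aligned(from_domain, spf_domain, tags["aspf"])
    dkim_ok = dkim_pass and aligned(from_domain, dkim_domain, tags["adkim"])
    if spf_ok or dkim_ok:
        return ("pass", "none")
    return ("fail", tags["p"])


if __name__ == "__main__":
    # A spoof that passes SPF/DKIM for the attacker's own domain still fails DMARC.
    print(dmarc_disposition(SAMPLE_RECORD, "example.com", True, "bulk-sender.test", True, "bulk-sender.test"))
```

The key point for BEC is the alignment step: a forged message can pass SPF and DKIM for whatever domain the attacker controls, but DMARC only counts those results when the authenticated domain matches the From: domain the employee actually sees.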