SEO Texas, Web Development, Website Designing, SEM, Internet Marketing Killeen, Central Texas
SEO, Networking, Electronic Medical Records, E - Discovery, Litigation Support, IT Consultancy
Centextech
NAVIGATION - SEARCH

BEC: Business Email Compromise Attacks Are On The Rise

The BEC (Business Email Compromise) attack is a scam that usually targets corporates that conduct wire transfers to overseas suppliers. They target official email accounts of executives and high-level employees working in administration or finance departments. Such email addresses, involved with conducting wire transfer payments are either spoofed or compromised through keyloggers or phishing attacks. Corporations lose hundreds of thousands of their revenue every year via these fraudulent transfers.

Attackers in the BEC, also known as the Man-in-the-Email scam, rely on social engineering tactics. They trick the employees and executives working in non-tech roles. They usually impersonate employees from the board of directors/management, or executives who are authorized to do wire transfers. Additionally, fraudsters also research and closely monitor their potential target victims, their organizational movements, and likewise.

Security Professionals in any organization usually encounter these 5 types of BEC scams:

  1. Fraud invoice: Firms with overseas suppliers are targeted wherein attackers impersonate suppliers requesting fund transfers for payments to account(s) owned by fraudsters.
  2. Executive fraud: Attackers impersonating executives send the email(s) to finance, administration, or procurement department employees requesting them to transfer money to account(s) that the hackers’ control.
  3. Account compromise: Executive(s) or employees’ email account(s) are hacked to request invoice payments to vendors or clients listed in their email contacts.
  4. Attorney impersonation: Attackers impersonate any person from the legal team or from any legal firm in charge of important and urgent matters regarding your organization.
  5. PII theft: PII (Personally Identifiable Information) of employees and tax-related statements in possession of the HR department are harvested to carry out future targeted attacks on potential individual victims.

GreatHorn, a cloud email security provider, released a BEC landscape report in 2021 that is based on information provided by 270 IT and cybersecurity professionals. 30% of them confirmed receiving 50% of malicious links in emails while a similar number of participants from the BFSI sector revealed being a victim of spear-phishing attacks. 35% of organizations disclosed that BEC attacks account for 50%+ of their incidents while a similar percentage of firms encounter spear-phishing emails on a weekly basis. Half of the professionals have dealt with a security incident in the past 12 months where every 1 out of 4 companies received at least 76% of the malware they detected via email. Usually, these email(s) do not contain any malicious links or attachments, hence they easily evade traditional as well as advanced security solutions deployed. BEC attacks are becoming more expensive than ransomware and are usually unbeatable.

 How would you protect yourself from getting tricked by these cyber fraudsters? 

  1. Check the source of email including the domain name from where it has been sent.
  2. Be alert to see anything suspicious regarding payment requests over emails.
  3. Protect email systems with advanced software capable of tracking spam and filtering out emails.
  4. Don’t make presumptions over the email, always confirm the wire transfer requests with the sender over a phone call or a video call.
  5. When in doubt, contact cybersecurity teams in your organizations as you encounter such emails in your inbox.
  6. By training the employee staff, executives, partners, clients, and customers in end-user security awareness. This can help detect and prevent being a victim of BEC attacks.

For cybersecurity and IT solutions for business, contact Centex Technologies at (972) 375 - 9654

Types Of Cyber Attacks

Cyber-attacks have become sophisticated and are now capable of causing long-term effects on organizations. Thus, businesses need to prepare comprehensive cybersecurity policies. The first step to drafting a cybersecurity policy is to be aware of the threats.

Here are the types of cyber-attacks that an organization is most likely to face:

  • Brute Force Attack: Under this type of attack, the attackers adopt a trial and error approach to guess the password to a system or user account. They try every possible combination of passwords or passphrases until the account is unlocked. Brute force attacks are expedited by using software or tools that can push many possible passwords in a short time. Some of the tools used by cybercriminals include Aircrack-ng, Crack, Hashcat, Hydra, etc.
    Safety Tips:
  • Use complex passwords and change them regularly
  • Set a limit on number of login attempts
  • Enable captchas
  • Employ multi-factor authentication
  • Credential Stuffing: Credential stuffing cyber-attack is based on the assumption that users tend to keep the same password across multiple accounts. Attackers use a database of compromised credentials (password breach database available on the dark web containing stolen credentials from data breaches) to gain unauthorized access to an account. The attackers use bots for automating and scaling up the attack. The hacked accounts can be used for financial theft, fraudulent transactions, misuse of stored data, etc.

Safety Tips:

  • Employ multi-step login process throughout the organization
  • Blacklist suspicious IP addresses
  • Use techniques such as device fingerprinting
  • Phishing & Spear Phishing: Phishing is one of the most common cyber-attack types. Attackers frame an email that looks legitimate with a seemingly trusted source to trick targets into providing personal details. The emails generally include matters that would require a user to act in a hurry; for example, the email may mention that the user needs to verify his details within a few minutes to avoid being charged a penalty or account suspension by his financial institution. The attackers use technical knowledge in conjunction with social engineering to design a successful phishing attack. Spear phishing is a more targeted attack where the attackers research the target to prepare a more personalized message or email.

Safety Tips:

  • Be wary of emails from unknown sources
  • Before clicking on a link, hover over it to see the destination
  • Pay close attention to email headers
  • Malware Attacks: Malware is a broad term representing attacks where malicious software is downloaded on the target device to steal, encrypt, or delete sensitive data for business or financial benefits. Majorly known forms of malware include adware, bots, ransomware, and Trojans.

Safety Tips:

  • Use a dedicated tool for adware removal
  • Install firewall and keep the system up-to-date
  • Perform frequent backup
  • Avoid downloads from unknown sources

Centex Technologies is committed to helping clients understand cyber-attacks and formulate an effective strategy to stay protected. For more information, call Centex Technologies at (972) 375 - 9654.

Recent Cyber Attacks

Recent times have been quite eventful for cybersecurity specialists. The world witnessed a number of cyber-attacks; thereby creating a need for adoption of advanced cybersecurity solutions.

Here is a brief description about some significant breaches that happened recently:

  • SolarWinds: In this attack, hackers were able to successfully compromise the infrastructure of a company named SolarWinds. The company produces a network and application monitoring platform known as Orion. After compromising the company’s infrastructure, the attackers used their access to distribute compromised version of the software to the users including 425 of Fortune 500 companies, top ten telecommunication companies of US, top five US accounting firms, hundreds of colleges worldwide, etc. Malware infected version of Orion was used to successfully breach a cyber-security company known as FireEye. Another malware known as Supernova also used the compromised Orion version as the delivery method to infect its victims.
  • Software AG: Software AG is the second largest software vendor in Germany and seventh largest in Europe. It was hit by Clop ransomware attack in October 2020. The attackers demanded $23 million as ransom.
  • Sopra Steria: It is a European IT firm that provides an array of IT services, including consulting, systems integration, and software development. In October 2020, the company was attacked by a new version of Ryuk ransomware.
  • Telegram: A group of hackers that had access to the system used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business.

Formulating new cyber security strategies and updating existing protocols is necessary for staying protected against cyber-attacks. A great way to do so is to observe the cyber-attacks and understand the new techniques being used. Recent cyber-attacks have shown that ransomware and social engineering attacks are gaining momentum. In terms of defensive actions, SolarWinds attack has indicated that third party risk management needs to be prioritized. Protecting remote endpoints and workers has emerged as next priority. Automated response systems should be used to improve the response time for preventing lateral infections through the network.

Centex Technologies provides cybersecurity solutions to businesses. For more information, call Centex Technologies at (972) 375 - 9654.

Basics Of Cyber Security Strategy

In a practical environment, a cyber security strategy is actually an amalgamation of multiple strategies. Cyber security professionals employ different strategies in coordination with each other in order to ensure a multidimensional protection against cyber threats.

Here is a brief guide to cyber security strategies:

Creating A Secure Cyber Ecosystem: The cyber ecosystem involves a wide range of entities including devices, individuals, management, private organizations, etc. which interact with each other. This strategy emphasizes on having a robust cyber ecosystem that would permit its devices to interact in a secure manner. A strong cyber ecosystem has three symbiotic structures – automation, interoperability, and authentication.

Creating An Assurance Framework: The basic objective of this strategy is to design an outline in compliance with global security standards. The framework that is designed is in compliance with industry wide standards, guidelines, and practices. These parameters help businesses to manage cyber security related risks.

Encouraging Industry Standards: Standards help in defining the outline of how an organization approaches the information security related issues. Implementation of cyber security standards enhance the efficiency of security processes, enable systems incorporations, provide a medium to test new applications, organize the approach to arrange new technologies in the cyber framework, etc.

Creating Mechanisms For IT Security: Different IT security mechanisms differ in their internal application features and attributes of security they provide. Following are the common IT security mechanisms:

  • Link Oriented Measures
  • End-To-End Measures
  • Association-Oriented Measures
  • Data Encryption

Protecting Critical Information: Critical information such as user data, login credentials, financial data, business trade secrets, etc. is the backbone of any organization. Safeguarding critical information against growing cyber threats needs a structured approach. This strategy can be implemented via following steps:

  • Defining critical information
  • Categorizing the available information
  • Prioritizing information categories
  • Securing the most critical information
  • Testing the framework
  • Securing the second category and repeating the cycle

Security As A Service: SaaS providers offer a cyber security solution with different attributes to meet diverse cyber security needs of organizations. This strategy can be implemented based on 5 C’s:

  • Change – Organizations face changing pressures from different sources such as competitive threats, new regulations, internal threats, cyber threats, etc. SaaS model enable organizations to respond to these changes quickly.
  • Compliance – SaaS solutions are designed keeping in mind the governances, regulations, etc.
  • Cost – SaaS provides an alternative cyber security solution allowing the in-house IT teams to focus on core business.
  • Continuity – Multi-tenant SaaS services are hosted in highly reliable data centers with built-in redundancy.
  • Coverage – SaaS solutions offer clear benefits with geographically dispersed sites allowing easy management of remote users.

For more information on basics of cyber security strategy, call Centex Technologies at (972) 375 - 9654. 

History Sniffing Cyber Attacks

History Sniffing is an umbrella term that defines different techniques used to monitor the web browser history for diverse purposes including the launch of a cyber attack. Although it is an old trick, the technique is still being used for victimizing internet users. In the recent times, studies have shown a rise in the types and numbers of history sniffing cyber attacks for the sheer ease of launching such attacks.

How Is History Sniffing Cyber Attack Launched?

  • The cyber attackers create fake online advertisement and preload attacker code in this ordinary looking advertizement.
  • The code is embedded with a list of target websites (the websites that hackers want to know if the user has visited).
  • When user clicks on the advertizement, the code starts running and checks the browsing history for target websites.
  • If the user has visited any of the target websites, the program will indicate a match to the hacker.
  • The hackers then redirect the victim to corresponding fake version of the website to cause further damage.

How Are History Sniffing Attacks Used?

The data collected by history sniffing attacks is used as a foundation for other types of cyber attacks by hackers.

  • Phishing: Hackers use history sniffing techniques to find out the financial organization websites visited by the victim. This data is then used to launch customized phishing attacks which automatically match every victim to a fake page of actual financial organization. The victims are tricked into filling their financial details which can be used by hackers to steal money from users’ accounts.
  • Stalking: History sniffing can be used to stalk internet users by keeping an eye on their browsing behavior. Hackers may keep a track of social media pages or locations saved in the browser history. Stalking may cause some serious problems for the victim such as kidnapping, physical damage, assault, etc.
  • Identity Theft: It is common for internet users to save their login details or choose the option to ‘keep Logged In’ on their browser. Hackers can use history sniffing coupled with other malicious code to check the social media profiles logged in on the browser and access these profiles to pose as the user. They can further use these accounts to send unauthorized messages, post fake news, etc.

For more information on history sniffing cyber attacks, call Centex Technologies at (972) 375 - 9654.        

Cybersecurity Threats To Be Aware Of

With increasing use of internet, there has been an alarming increase in number of cybersecurity threats. In addition to number, the risk and severity of cybersecurity threats has also increased. Advancement of technology and wide use of digital media have added to the skills of cyber criminals. The best practice to combat these cybersecurity threats is to be aware of different threat types and be prepared with effective cybersecurity strategies.

Here is a detailed list of cybersecurity threats that businesses should be aware of:

  • Cloud Vulnerability: Cloud vulnerability is and will continue to be one of the biggest cybersecurity challenges faced by business organizations. The major reason behind this is the changing business scenario as organizations have increasing number of remote employees. The employees need to access business data from different locations in order to be efficient and productive. Thus, organizations are leveraging cloud applications and storing sensitive business data on cloud storage. Some of these cloud vulnerability attacks include data breach, mis-configuration, insecure interfaces and APIs, account hijacking, malicious insider threats, and DDoS attacks.
  • AI-Enhanced Cyberthreats: AI and machine learning have found extensive applications in all fields including marketing, manufacturing, security, supply chain management, business mainstream, etc. Cyber criminals are also exploiting AI to launch sophisticated cybersecurity attacks such as AI Fuzzing and Machine Learning Poisoning.
  • AI Fuzzing: Fuzzing refers to usually automated process of finding hackable software bugs by randomly feeding different permutations of data into a target program until one of those permutations reveals vulnerability. AI fuzzing integrates AI with traditional fuzzing techniques to create a tool that detects system vulnerabilities, start, automate and accelerate zero-day attacks.
  • Machine Learning Poisoning: The cyber criminals target a machine learning model and inject malicious software in it. This makes the system (operating the model) vulnerable to cyber security attacks. As machine learning models feed on data sourced from surveys or social media, cyber criminals exploit user-generated information such assatisfaction ratings, purchasing histories, or web traffic by using malicious samples, introducing backdoors or Trojans for poisoning training sets and compromising the model.
  • Smart Contract Hacking: Smart contracts are specially designed programs that contain self-executing codes for creating rules and processes that build blockchain-based applications. Since this is a new concept, researchers are still finding bugs in these programs. Cyber criminals exploit these vulnerabilities and target the programs for hacking into applications. this poses as a new cybersecurity threat for businesses.
  • Deepfake: It is a fake video or audio created by modes such as swapping a famous person’s face in videos or altering the audio track of a video to spread fake news. The technology is AI-based and is being used extensively by cyber criminals to cause disruption across various industry segments such as financial market, media, entertainment and politics. In business world, these fake videos may be used to impersonate CEOs to spread fake news about a business.

For more information on cybersecurity threats, call Centex Technologies at (972) 375 - 9654.