Cybercriminals use a fairly wide range of technical tricks and social-engineering methods to win the trust and carry out fraud. According to Kaspersky, Kaspersky’s Anti-Phishing system blocked a total of 11,260,643 phishing links in SEA. However, taking a range of effective measures can minimize the threat from Business Email Compromise attacks.
How To Handle Business Email Compromise Attacks?
- Set up SPF, use DKIM signatures, and implement a DMARC policy to guard against fake internal correspondence. In theory, these measures also permit other companies to authenticate e-mails sent in the name of your organization (assuming, of course, that the companies have those technologies configured). This method falls short in some ways (such as not being able to prevent ghost spoofing or lookalike domains), but the more companies that use SPF, DKIM, and DMARC, the less wiggle room cybercriminals have. The use of these technologies contributes to a kind of collective immunity against many types of malicious operations with e-mail headers.
- Train employees periodically to counter social engineering. A combination of workshops and simulations trains employees to be vigilant and identify BEC attacks that get through other layers of defense.
- Use security tools to protect corporate communication channels such as Kaspersky Secure Mail Gateway with a solid set of anti-phishing, anti-spam, and malware detection technologies. While BEC represents one of the most sophisticated types of email compromise, the product has dedicated heuristic model for processing indirect indicators and detecting even the most convincing fake emails.
- Subscribe to in-depth and regularly updated threat intelligence services to have in-depth visibility into cyber threats targeting your organization.
All in all, Business Email Compromise (BEC) attacks have been rising since the pandemic as people are shifting more toward the digital. Kaspersky, a global cybersecurity and digital privacy company came up with solutions with content filtering specially created in the company’s lab already identifies many types of BEC attacks, and, its experts continually develop technologies to protect further against the most advanced and sophisticated scams. To learn more, kindly visit www.kaspersky.com