The Kaspersky experts are increasingly observing BEC attacks (Business Email Compromise) - also in Germany. Between May and July 2021, Kaspersky products blocked more than 9.500 attacks of this type worldwide, including against companies in the aviation, industrial, retail, IT and delivery sectors.
In a BEC attack, fraudsters usually initiate an email exchange with an employee of a company in order to gain their trust and thus induce them to take actions that harm the interests of the company or its customers. For this purpose, fraudsters often use hijacked e-mail accounts or e-mail addresses of employees that look similar to official company addresses.
All kinds of deception maneuvers
Sometimes cyber criminals steal an employee's credentials in order to attack higher-ranking colleagues. Most of the time the fraudsters target a company's financial resources, but some are also looking for confidential information such as customer databases or business development data.
BEC attacks require a lot of time and resources on the part of cyber criminals; preparation can take anywhere from a few weeks to several months. A successful attack can cost a company millions in damage.
The most common attack schemes used in BEC
- CEO fraud: In such a scenario, an employee receives a fake email from a manager asking them to pass confidential information on to a "legal advisor" or similar entity. However, the account provided is not real and the sensitive data goes to the cyber criminals instead.
- Fake payroll change: In this case, the accounting department receives a message from a supposed employee asking them to change the account details for the payroll. The salary is then paid to the attacker the next time he is settled.
- Fake Invoice: In this method, the accounting department receives a message from a supplier or other third party about an alleged late payment of an invoice. If the accounting makes this payment, the money goes to the fraudsters.
“To carry out business email compromise attacks, cyber criminals collect data about their victim beforehand and then use it to build trust.
BEC attacks: planned well in advance
Some of these attacks are possible because cyber criminals can easily find the names and positions of employees, their exact location, vacation dates or contact lists, as these are freely accessible. Scammers typically use a variety of social engineering techniques and methods to gain a victim's trust and perform malicious operations. Users should therefore always be careful when working, ”explains Christian Milde, Managing Director Central Europe at Kaspersky.
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/