With the tactic of business email fraud hackers often target not only employees, but especially managers. This is how you detect attacks before damage is done.
The problem with routine tasks
Even in times of modern instant messaging applications such as Slack or Discord, the good old e-mail still plays a central role in communication in the business context – whether as a means of interacting with customers, negotiating contracts with suppliers, managing employees or even internal file sharing. It is precisely this everyday application and routine use of e-mails that make them one of the most attractive ways of hacking companies. The latest figures in Verizon’s Data Breach Reportshow how successful these attacks are, according to the report e-mails are still the most common attack vector (96%) for social engineering attacks . Especially phishing attacks on companies, so-called “business email fraud”, cause immense costs.
The bad news – Every employee is affected by business email fraud
Business email fraud can take many forms. From relatively easy to recognize mass mailings to all employees of a company, to extremely well prepared Spear-Phishing attacks against individual employees. Theoretically, any person with a business email account is affected. Particularly perfidious: fraudsters often pretend to be internal colleagues, in some cases also as superiors. This is referred to as “CEO fraud” (superior fraud).
The good news – Every employee can actively defend his or her company
Even if the characteristics of Business Email Fraud are quite diverse, you can recognize them based on certain criteria. Doing so enables you to become an active party and help to successfully defend your company on the cyber front! Detecting and preventing email fraud is possible even if you are not a cyber security expert. The following six factors are common to many fake or fraudulent emails in the business context – they will help you to identify dangerous emails:
- Urgency:Cybercriminals have a strong interest in carrying out fraud quickly in order to prevent any suspicion or even critical examination by the victim in the first place. To increase the pressure on the victim, they use strong threats, such as an alleged breach of contract, a penalty for an overdue bill, an account block or a service shutdown.
- Badly revised communication: Serious companies invest a lot of time and money in the design of e-mails in order to maintain and enhance the reputation of their brand. Generic greetings, grammar mistakes and poor formatting are potential signals pointing to business fraud or phishing mails.
- Contacts by mail only:Hackers try to maintain their false identities and avoid personal contact. In the case of unusual or urgent requests, an authenticity check by telephone may be sufficient to expose them.
- Strange URLs and Domains:Many hackers use external links in phishing emails to redirect potential victims to a fake home page or form where personal and financial information is collected. The wrong links are often difficult to recognize, but a trained eye will note the signs. An example are inconsistent links where the display and target URLs do not match. nother is, fake slightly changed URLs such as “webside.com” instead of “website.com”.
- No flexible support:Cybercriminals often imitate well-known brands and organizations to radiate trust and credibility to their victims. Medium-sized and large companies often offer differentiated customer support and often have employees trained for specific issues. Therefore, in case of uncertainty, it is helpful to inquire about specialist contact persons and thereby check whether an information request is legitimate.
- Dubious attachments: Another common phishing technique is to attach one or more malicious attachments to fraudulent emails. These files may contain viruses or other types of ransomware/malware . Special care should be taken with unknown senders and especially with proprietary file types, such as compressed files (e.g. .rar, .zip), files used to execute program codes (e.g. .bat, .cmd, .exe & . msi) and macro-enabled documents (e.g. . docm, .pptm and .xlsm).
The SoSafe awareness platform sensitizes and trains employees in dealing with the topic of IT security. Phishing simulations and interactive e-learnings teach employees in an effective and sustainable way about what to pay particular attention to when using e.g. e-mails, passwords or social media. The employer receives differentiated reporting and can finally make awareness building measurable – of course completely GDPR-compliant.
www.sosafe.de Cyber Security Awareness – made in Germany