What are Business Email Compromise (BEC) Attacks?

BEC attacks rely primarily on social engineering. While employees at any level can be targeted, the criminals almost exclusively appeal to seniority to secure compliance. These attackers create email addresses that mimic those used by senior executives, use free services such as Gmail to create email addresses that appear to be an executive’s personal account, or, less commonly, gain access to executives’actual corporate email accounts using phishing attacks or other means. Once the attacker has a plausible email account from which to operate, they use social engineering tactics to, for example, request the target either divert payment on a valid invoice to the criminal’s bank account, in means of a fake receipt or redirect company finance to a false bank account.

While BEC attacks fall under the umbrella of phishing, they don’t typically include malware or malicious links.

They don’t have to: After all, who’s going to say no to their CEO?

BEC Attacks Targeting Office 365/G Suite

Email Account Takeover Attacks:

While simple, these attacks are both highly sophisticated and financially devastating. The FBI reported a total loss of roughly $1.8 billion dollars in 2020 — and this is just from the attacks they were aware of.
Osterman’s research estimates that 80% of organizations were targeted by at least one BEC attack in 2021. Mid-sized organizations, those with 500 to 2,500 email users, were even more likely to experience an attack: Nearly nine out of 10 saw an attack last year.

These Business Email Compromise attacks are often successful. Nearly 60% of organizations surveyed reported being victims of a successful or almost successful BEC attack. Roughly 40% of organizations said they had no BEC attacks that fell into these categories. But as these attacks become more common, organizations are becoming increasingly aware that they can no longer count on not being targeted as a defense strategy.

Organizations Are Recognizing the Risk

The high number of successful attacks, coupled with growing news coverage of the most devastating ones, is causing companies to reevaluate the risk posed by such attacks. According to the Osterman survey, the number of organizations that claimed preventing such attacks was important to them grew by 30% in just one year, with further increases projected in the short term. At the same time, respondents also said they lacked confidence in their existing protections and were unsure about their ability to safeguard funds, obtain help from insurance providers or law enforcement, or prevent these attacks from getting to highly targeted users in the first place. Cybercriminals are aware that organizations are depending on cybersecurity technologies that were never designed to stop BEC attacks.

SonicWALL®TZ Series

The all new SonicWALL®TZ Series offers revolutionary breakthroughs with higher performance protection, new redundancy capabilities, enterprise-class Anti-Spam integration, application inspection, and other innovations to protect and improve the efficiency of distributed enterprises and small-to-midsize businesses (SMBs).

Please use the form below to request a price quote on any SonicWall product. After submitting your request, a representative will respond to you within 24 hours with your pricing and additional information you may need to make your purchase.

If you have any additional questions or would like to receive a quote over the phone, please call us: (01) 846 4200

 ACS is one of Ireland’s leading SonicWALL Firewall official reseller in Dublin | Cork | Waterford |Waterford | Galway | Drogheda | Belfast| Limerick | Shannon| Dundalk | Sligo