Express Computer
Home  »  News  »  180 Indian Companies affected with Business Email Compromise Schemes

180 Indian Companies affected with Business Email Compromise Schemes

0 387

In total, 79 new ransomware families were identified in the first six months of the year, which surpasses the total number of new families found in all of 2015.

Trend Micro Incorporated, a player in security software and solutions, published its security roundup report H1, 2016, “The Reign of Ransomware”. The report highlighted that over 180 Indian Companies were affected with Business Email Compromise (BEC) Schemes. The report provides extensive data surrounding the rise and impact of attacks, including $3 billion in losses due to business email compromise (BEC) scams so far in 2016, as well as nearly 500 vulnerabilities in a variety of products.

Business Email Compromise (BEC) schemes are scam tactics which compromise business accounts in order to facilitate an unauthorized fund transfer. Today, they are considered one of the most dangerous threats to organizations. As Trend Micro predicted, 2016 has proven to be a year of online extortion through various malicious attack methods.

In total, 79 new ransomware families were identified in the first six months of the year, which surpasses the total number of new families found in all of 2015. Both new and old variants caused a total of US $209 million in monetary losses to enterprises. Ransomware attacks found in the first half of 2016, like BEC scams, originated from emails 58 percent of the time.

“While it’s unfortunate for us, cybercriminals are resilient and flexible when it comes to altering an attack method each time we find a patch or solution,” said Ed Cabrera, chief cybersecurity officer for Trend Micro. “This creates massive problems for enterprises and individuals alike since the threats change as often as solutions are provided. It bodes well for businesses to anticipate being targeted and to prepare accordingly, implementing the latest security solutions, virtual patching and employee education to mitigate risks from all angles.”

The effectiveness of BEC scams lies in the techniques employed against its preferred targets. Attackers are able to deceive victims by combining their knowledge of social engineering techniques and well-researched information about the target. Most of the time, attackers behind BEC scams impersonate people who have access to a company’s finances—may it be a company’s CEO, managing director, CFO, or even financial controller.

Based on our monitoring from January 2016, we observed that BEC scams often targeted CFOs more than any other position in a company. Once attackers had picked someone of authority to spoof, their next move would involve tricking their victims to permit a fund transfer to serve as payment for an invoice or perhaps a legal settlement.

Some attackers include keyloggers in BEC campaigns to steal confidential information they can use for illegal transactions. BEC scams are treacherous. Though their design is extremely simple, the tactics attackers use for a successful BEC campaign is quite complex and effective as it appeals to people’s respect for authority.

Therefore, an effective way to defend against BEC scams should be a mixture of proper employee education and security solutions that will help identify threats even before they reach a person’s inbox. Employees can be considered the last line of defense from BEC scams, so businesses must enact best practices for employees to follow when dealing with emails that urge them to make fund transfers. Some of these best practices may involve carefully scrutinizing emails requesting payment, raising employees’ awareness of the existence of scams such as BEC, and reporting deceitful incidents to law enforcement agencies.

Since most BEC scams do not involve malware, traditional email solutions that only detect emails with malicious links or attachments are not enough to stop BEC. An email solution that is able to flag social engineering techniques is needed to effectively block malicious email messages that are used in BEC campaigns.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image