Hybrid Cloud Security
Data Center & Virtualization
Security Fit for DevOps
Solutions for Security Teams
Advanced Threat Protection
Endpoint & Gateway Suites
SaaS Application Security
Endpoint Detection & Response
Point of Sale
All Products and Trials
Centralized Visibility & Investigation
Global Threat Intelligence
Connected Threat Defense
Breaking News & Intelligence
Simply Security Blog
Security Intelligence Blog
UK Security Blog
Education & Certification
Glossary of Terms
Research & Reports
The Deep Web
Internet of Things (IoT)
Zero Day Initiative (ZDI)
Login to Support
Virus & Threat Help
Renewals & Registration
Free Cleanup Tools
Find a Support Partner
Pre-Sales Technical Advice
For popular products:
Find a Partner (Reseller, CSP, MSP)
Become a Partner (Reseller, Integrator)
All Alliance Partners
Customer Success Stories
Corporate Social Responsibility
Diversity & Inclusion
Internet Safety and Cybersecurity Education
Find a Partner
1-877-218-7353(M-F 8-5 CST)
Learn of upcoming events
Social Media Networks
+44 (0) 203 549 3300
A new business email compromise (BEC) scheme, where the attacker tricks the recipients into rerouting paychecks by direct deposit, has emerged. According to CNBC’s report, this BEC scam has been growing; for instance, Kansas City-based KVC Health Systems, a nonprofit agency for child welfare, receives such emails at an average of two or three times in a month.
In the scheme, the attacker poses as a CEO, CFO, or payroll director and sends an email to human resources personnel, asking the latter to change an employee’s bank account and routing information so that paychecks are deposited directly to a fraudulent account.[Read: Year-End Review: Business Email Compromise in 2018]
This new BEC scheme, along with other scams that don’t require high-skill technical methods, heavily relies on social engineering to succeed. Hacking into a legitimate email account using keyloggers or remote access tools isn’t a prerequisite.
The attackers behind this new BEC scheme produced the socially engineered emails using free services like Gmail and crafted them in such a way that the fake email appears legitimate. As observed in other similar schemes, the attackers can play into an employee’s desire to be responsive to the high-ranking company members that were being impersonated.
The emails that attackers sent to victims in this particular scheme were well-crafted; typically brief, polite, and lightly urgent. In one of the cited email samples, the recipient was asked to change direct deposit information before the next paycheck. The attacker can also manipulate the recipients to prevent them from calling for verification. In one of the email samples, the attacker did this by writing “I am going into a meeting now.”
[Read: Smarter Phishing Techniques Observed as Cybersecurity Tools Become Advanced]
The successful execution of email scams such BEC burdens both the company and the employee.
The company should be responsible for reimbursing the stolen money due to fraud. TSB Bank plc, a U.K.-based retail and commercial bank, recently announced that that it will refund customers who were tricked into authorizing payments to fraudsters. This announcement comes on the heels of news about the bank losing millions last year due to several problems that include fraud.
Meanwhile, email scams can inconvenience an employee due to a delayed paycheck, and in extreme cases, it can be a trigger for an employee’s dismissal.
[Read: Trend Micro Cloud App Security Report 2018: Advanced Defenses for Advanced Email Threats]
Scams in the form of phishing, spear phishing, and BEC emails are still on the rise. Trend Micro has predicted that apart from high-ranking company members, attackers, such as the ones behind BEC scams, will target employees further down the company hierarchy. Usual cybersecurity best practices and solutions may not be enough to combat this scheme, but there are security technologies that can help users and organizations detect them.
Writing Style DNA, which is used by Trend Micro Cloud App Security™ (CAS) and ScanMail™ Suite for Microsoft® Exchange™ (SMEX), can help detect email impersonation tactics used in BEC and similar scams. It uses artificial intelligence (AI) to recognize the DNA of a user’s writing style based on past emails and then compares it to suspected forgeries. The technology verifies the legitimacy of the email content’s writing style through a machine learning model (ML) that contains the legitimate email sender’s writing characteristics.
Like it? Add this infographic to your site:1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.