Basic BEC Defense Strategy for Small Businesses


The digital landscape is evolving at an unprecedented pace, which also gives hackers more opportunities to commit cyberattacks such as basic BEC scams. In a BEC attack they masquerade as company officials and send fake emails in their name. Most such emails request a financial transaction into an account that, unknown to the recipient, belongs to the attackers.

This blog explores BEC scams, their stages, and defense strategies for small businesses, so keep reading!

What are BEC Scams, and Why are they Dangerous?

BEC is short for Business Email Compromise, a type of email phishing attack where attackers impersonate company officials to manipulate recipients (usually finance department employees) into making a financial transaction. 

They use domain spoofing, lookalike domains, and typosquatting to make emails appear to come from legitimate sources. The spelling alterations are minor and go undetected unless recipients look carefully. Examples include www.amaz0n.com instead of www.amazon.com and www.tvvitter.com instead of www.twitter.com.

Basic BEC attacks are dangerous because they are hard to detect: they are mostly attempted using a company's own email address or one that closely resembles it, and embedded links to questionable URLs are not easy to trace back to the hackers.

Stages of a Typical BEC Scam

Threat actors are becoming more sophisticated in their techniques and their approach to cybercrime, which makes loopholes harder to spot. To stay undetected, they plan BEC attacks in roughly the following four phases.

PHASE 1 - Email List Targeting

Malicious actors scout LinkedIn profiles, business email databases, and other websites to draft a consolidated list of individuals or companies they want to target.

PHASE 2 - Launch Attack

In the next phase, they send emails from spoofed or look-alike domains using fake sender names.

PHASE 3 - Social Engineering

Attackers masquerade as trusted officials to request urgent responses or actions, such as money transfers or sharing confidential files.

PHASE 4 - Financial Gains

This is the final stage of a basic BEC attack, in which the attackers obtain their financial gain or complete the data breach.

8 Basic BEC Defense Strategies for Small Businesses

Here are 8 defense strategies to prevent basic BEC scams.

1. Develop Protocols for Payment Approvals

Overhaul your company's payment approval process and define a fixed workflow. This minimizes the chance that a basic BEC attack succeeds by manipulating a single authorized finance team employee.

For example, require a senior employee to validate and approve all wire transfers, and mandate that employees confirm money transfer requests by telephone or in person.

2. Ensure Your Devices and Web Email Clients Run the Same Version

When the desktop and web versions are out of sync, threat actors can create mailbox rules that are not visible in the desktop client. This makes it harder to trace how the attack was carried out and what else was changed.

3. Double-Check Email Addresses

The easiest way to prevent basic BEC attacks is to check email addresses carefully for slight spelling alterations. Hackers also use font tricks, fooling people with similar-looking characters such as 'i' and '1' or 'o' and '0'. These minor changes easily go unnoticed if you don't double-check before hitting the send button.

Also, check whether the 'Reply-To' and 'From' addresses are the same, and flag any email in which the two don't match.
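The two checks described in this section (a Reply-To address whose domain differs from the From domain, and a sender domain that merely looks like a trusted one using digit-for-letter or 'vv'-for-'w' substitutions, as in the amaz0n / tvvitter examples earlier on this page) can be automated on inbound mail. The script below is an added example, not code from PowerDMARC or the original article; the trusted-domain list, the sample message and the urgency keywords are constructed assumptions.

```python
import email
from email import policy
from email.utils import parseaddr

# Assumption: these are the domains our organisation treats as trusted senders.
TRUSTED_DOMAINS = {"example.com", "amazon.com", "twitter.com"}

# Constructed sample: a BEC-style message from a lookalike of example.com whose
# Reply-To points somewhere else entirely and whose subject pushes for urgency.
SAMPLE_MESSAGE = """\
From: "CFO Jane Doe" <jane.doe@examp1e.com>
Reply-To: jane.doe.cfo@mail-relay-constructed.net
To: accounts@example.com
Subject: Urgent wire transfer ASAP
Message-ID: <constructed-1@examp1e.com>

Please process the attached invoice within 5 minutes.
"""

# Confusable substitutions: collapse the tricks named in the article
# (digit for letter, 'vv' for 'w', 'rn' for 'm') back to their plain letters.
CONFUSABLE_SEQUENCES = [("vv", "w"), ("rn", "m")]
CONFUSABLE_CHARS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "@": "a"})


def skeleton(domain: str) -> str:
    """Normalise a domain so that visually similar spellings compare equal."""
    d = domain.lower().strip().rstrip(".")
    for seq, repl in CONFUSABLE_SEQUENCES:
        d = d.replace(seq, repl)
    return d.translate(CONFUSABLE_CHARS)


def levenshtein(a: str, b: str) -> int:
    """Plain edit distance; a distance of 1 catches single-letter typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(domain: str, trusted=TRUSTED_DOMAINS):
    """Return the trusted domain this one imitates, or None if it is trusted or unrelated."""
    d = domain.lower()
    if d in trusted:
        return None
    for t in trusted:
        if skeleton(d) == skeleton(t) or levenshtein(d, t) <= 1:
            return t
    return None


def domain_of(header_value) -> str:
    """Extract the lower-cased domain from a From/Reply-To header value."""
    _, address = parseaddr(str(header_value))
    return address.rpartition("@")[2].lower()


def analyze(raw: str, trusted=TRUSTED_DOMAINS) -> list:
    """Return the list of BEC red flags found in one raw RFC 5322 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    flags = []
    from_domain = domain_of(msg.get("From", ""))
    reply_to = msg.get("Reply-To")
    if reply_to and domain_of(reply_to) != from_domain:
        flags.append(f"reply-to domain {domain_of(reply_to)} differs from from domain {from_domain}")
    imitated = lookalike_of(from_domain, trusted)
    if imitated:
        flags.append(f"from domain {from_domain} looks like trusted domain {imitated}")
    subject = (msg.get("Subject") or "").lower()
    for cue in ("urgent", "asap", "within 5 minutes", "immediately"):
        if cue in subject:
            flags.append(f"urgency cue in subject: {cue!r}")
            break
    return flags


if __name__ == "__main__":
    for flag in analyze(SAMPLE_MESSAGE):
        print("FLAG:", flag)
```

The skeleton comparison is deliberately crude (a handful of substitutions rather than the full Unicode confusables table) and a Levenshtein distance of 1 will also match legitimate short domains, so treat the output as a triage signal to route a message for human confirmation, not as an automatic block.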

4. Enable MFA

MFA, or Multi-Factor Authentication, adds further layers of verification on top of the standard username and password. The likelihood of a successful basic BEC attack decreases with factors such as OTPs sent to your phone, answers to personal questions, biometrics, and behavioral analysis.

More recently, MFA has incorporated machine learning and artificial intelligence, enabling location-based and risk-based authentication. In location-based MFA, the user's IP address and/or geo-location act as security factors. Risk-based authentication considers context and behavior when deciding whether to authenticate. Common risk signals are:

  • Logging in outside of work hours.
  • Accessing from a different location.
  • Signing in from a new, unidentified device.
  • Connecting via an unsecured network.

5. Prohibit Automatic Forwarding of Emails to External Addresses

If automatic forwarding of emails is enabled, hackers can insert themselves into conversations to commit financial fraud. According to the FBI's 2019 Internet Crime Report, basic BEC crimes caused an accumulated loss of $1.7 billion.

Auto-forwarding also lets them access and exploit your email accounts for a long time, with the added risk that sensitive and confidential information is disclosed.

6. Use Email Authentication Protocols

SPF, DKIM, DMARC, and BIMI are authentication protocols that protect email by permitting only trusted entities to send emails using your domain. SPF requires you to create and publish a list of the IP addresses and servers you trust to send emails on your behalf; emails from IP addresses and servers outside that list fail SPF authentication checks.

DKIM uses a pair of public and private cryptographic keys to verify that a message genuinely came from the sender. DMARC tells recipients' mailboxes how to treat emails that fail SPF and/or DKIM authentication checks. BIMI lets email inboxes show your company's official logo next to authenticated emails as a mark of visual identification.

You can check your domain's email authentication compliance with our email header analyzer, which evaluates the protocols using an empty test mail sent to an auto-generated email address.
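To make the SPF and DMARC logic described in this section concrete, the following is an added example (not PowerDMARC's checker and not code from the original article) that parses a constructed SPF record and a constructed DMARC record for a hypothetical domain example.com, evaluates the IP-literal SPF mechanisms for a sending IP, and works out the DMARC disposition a receiver would apply. The `include:` mechanism would need DNS and is skipped, and the organizational-domain helper is a deliberate simplification of the Public Suffix List.

```python
import ipaddress

# Constructed records for the assumed domain example.com (IPs are documentation ranges).
SPF_RECORD = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 include:_spf.mailprovider.example -all"
DMARC_RECORD = "v=DMARC1; p=reject; sp=quarantine; adkim=s; aspf=r; rua=mailto:dmarc-reports@example.com"

QUALIFIER_RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse_spf(record: str) -> list:
    """Split an SPF TXT record into (qualifier, mechanism, value) tuples."""
    tokens = record.split()
    if not tokens or tokens[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    terms = []
    for tok in tokens[1:]:
        qual = "+"
        if tok[0] in "+-~?":
            qual, tok = tok[0], tok[1:]
        mech, _, value = tok.partition(":")
        terms.append((qual, mech.lower(), value))
    return terms


def spf_check(record: str, sender_ip: str) -> str:
    """Evaluate the ip4/ip6/all mechanisms for one sending IP.
    include/a/mx/exists need DNS lookups, so this offline example treats them as not matched."""
    ip = ipaddress.ip_address(sender_ip)
    for qual, mech, value in parse_spf(record):
        if mech in ("ip4", "ip6"):
            # 'in' returns False when the address family differs, so mixed lists are safe.
            if ip in ipaddress.ip_network(value, strict=False):
                return QUALIFIER_RESULT[qual]
        elif mech == "all":
            return QUALIFIER_RESULT[qual]
    return "neutral"  # record exhausted without a terminal 'all'


def parse_dmarc(record: str) -> dict:
    """Parse 'tag=value;' pairs, filling in the relaxed-alignment defaults."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    tags.setdefault("adkim", "r")
    tags.setdefault("aspf", "r")
    return tags


def organizational_domain(domain: str) -> str:
    """Simplification: last two labels. Real receivers consult the Public Suffix List."""
    return ".".join(domain.lower().split(".")[-2:])


def aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    """Strict ('s') alignment needs an exact match; relaxed ('r') accepts the same org domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return organizational_domain(from_domain) == organizational_domain(auth_domain)


def dmarc_disposition(dmarc: str, from_domain: str, spf_result: str, spf_domain: str,
                      dkim_result: str, dkim_domain: str) -> str:
    """Return 'pass', or the policy (none/quarantine/reject) a receiver would apply.
    spf_domain is the MAIL FROM (envelope) domain; dkim_domain is the signature's d= value."""
    tags = parse_dmarc(dmarc)
    spf_ok = spf_result == "pass" and aligned(from_domain, spf_domain, tags["aspf"])
    dkim_ok = dkim_result == "pass" and aligned(from_domain, dkim_domain, tags["adkim"])
    if spf_ok or dkim_ok:
        return "pass"
    is_subdomain = organizational_domain(from_domain) != from_domain.lower()
    return tags.get("sp", tags["p"]) if is_subdomain else tags["p"]


if __name__ == "__main__":
    # A spoofed message from an IP not in the record, unsigned: SPF fails, DMARC says reject.
    spoof_spf = spf_check(SPF_RECORD, "198.51.100.7")
    print("spoof SPF:", spoof_spf, "->", dmarc_disposition(DMARC_RECORD, "example.com", spoof_spf, "example.com", "none", ""))
    # A legitimate message from a listed IP: SPF passes and is aligned, DMARC passes.
    real_spf = spf_check(SPF_RECORD, "192.0.2.10")
    print("legit SPF:", real_spf, "->", dmarc_disposition(DMARC_RECORD, "example.com", real_spf, "example.com", "none", ""))
```

Two points the walk-through makes visible: a DMARC pass requires not just an SPF or DKIM pass but an aligned one, so with `adkim=s` a valid signature from mail.example.com does not rescue a message whose From is example.com; and the `sp=` tag lets subdomains carry a different policy from the organizational domain.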

7. Encourage Employees to Flag Suspicious Payment Requests

Train your employees to recognize the signs of basic BEC scams and encourage them to seek clarification on emails that create a sense of urgency with phrases like 'ASAP' or 'within 5 minutes'. In such cases it is better to go a little old-school and get confirmation by meeting the person in person or through a phone call.

8. Report Fraud to Authorities

Report BEC scams and other frauds to the relevant authorities as soon as you detect a red flag. Even if remediation isn't possible in your situation, the authorities can dig deeper and gain insights from multiple reports.

As a small business owner, you can take the first steps towards BEC scam protection by investing in email authentication services and conducting awareness sessions for your team. You can contact us for help with email authentication implementation, management and monitoring to ensure an error-free and robust deployment.

Ahona Rudra
Digital Marketing & Content Writer Manager at PowerDMARC
Ahona works as a Digital Marketing and Content Writer Manager at PowerDMARC. She is a passionate writer, blogger, and marketing specialist in cybersecurity and information technology.
June 12, 2023 / by Ahona Rudra