Businesses are being urged to be more cautious about how they handle emails, with new research showing business email compromise attacks are up 45 per cent.
The research, from security and compliance outfit Proofpoint, examined 45,000 BEC messages and found attacks were up by 45 per cent in the last three months of 2016 compared to prior months.
The company defines BEC attacks as when cybercriminals pretend to be a company executive and send highly-targeted emails to employees to trick recipients into wiring money or sending sensitive information.
“It’s a growing trend locally and internationally as attackers purport to be someone high up in an organisation — the CEO, CFO or company lawyer — and request money transfers, or sensitive information such as private financials, passwords, HR information and private employee details,” ANZ MD Tim Bentley told The Australian.
“Hackers are now heavily researching social media accounts of business leaders and using their airport check-ins and family holiday Instagram pictures to customise their emails and make their approaches more personalised.”
“Seventy-five per cent of our customers were hit with at least one attempted BEC attack in the last three months of 2016 — and it only takes one to cause significant damage,” said Ryan Kalember, Proofpoint’s senior vice president of Cybersecurity Strategy.
The research found two thirds of all BEC attacks spoofed their email address domains, so that their fraudulent emails displayed the same domain as that of the company targeted in the attack.
Meanwhile, manufacturing, retail and technology organisations are generally more targeted with BEC attacks, with cybercriminals looking to take advantage of more complex supply chains and SaaS infrastructures. More than 70 per cent of the most common BEC subject line families feature the words “Urgent”, “Payment” and “Request”. The top seven subject line families include: payment (30 per cent), request (21 per cent), urgent (21 per cent), greeting (12 per cent), blank (nine per cent), FYI (five per cent) and “where are you?” (two per cent).
“Our research shows static policies cannot keep up as attackers are constantly changing their socially-engineered messages. Organisations need detection, authentication, visibility, and data loss prevention to ensure they don’t fall victim,” Mr Kalember said.