Malicious accounts target businesses by launching BEC attacks

August 10, 2020

Malicious accounts target businesses by launching BEC attacks

Cyber-attacks using malicious accounts have become a common weapon of cyber criminals who target mainly organizations. The use of malicious accounts created using legitimate email servers, such as Gmail, AOL, and others, allows attackers to impersonate legitimate accounts and carry out sophisticated BEC (Business Email Compromise) attacks. Using BEC, an attacker can obtain access to an organization’s inner email accounts and impersonate them in order to defraud the company, its employees, customers, and partners.

According to a recently published research by Barracuda, over 10,000 BEC attacks on over 6000 organizations were identified since the beginning of 2020.

  • Since April 2020, the use of malicious accounts was identified in 45% of all BEC attacks;
  • Attackers use personally crafted email messages from credible email services impersonating employees or other individuals related to an organization, to increase chances of receiving a reply;
  • The fake email accounts are used only several times and usually for less than 24 hours in order to avoid detection and blockage.

  • Gmail is the top domain choice for BEC attacks.

  • An analysis of over 6,000 organizations revealed that one malicious account impacted between 1 and 256 organizations;

Suggested steps to protect your organization from malicious accounts:

  • Take precautions against BEC attacks – BEC is designed to bypass email gateways. Using artificial intelligence could help in identifying unusual senders and potential malicious accounts or other types of fraud;
  • Identify and block malicious accounts – since each malicious account is responsible for a small number of attacks, different BEC attacks will rarely target the same organization. Choosing a vendor that can provide you with threat intelligence that differentiates between organizations can provide additional protection.
  • Help your users identify phishing attacks – Advise your employees on how to identify suspicious accounts or potential phishing attacks from messages that do not come from within your organization.

To learn more, check out the following articles:

Follow Us on Facebook for the latest news and insights on cybersecurity. 

Stay Safe with TrustNet!

Share Now: