Cisco BEC attack

Business email compromise attack learning course

 

·         BEC attacks are so effective because they use a variety of tactics, including:

·         Social engineering (the art of manipulating people)

·         Impersonation (usually someone with authority)

·         Compromised email accounts (credential harvesting)

·         (Most importantly) building a sense of trust over time

 

Target

·         Accountants

·         Company controllers

·         Parties involved with real estate

·         Sales & customer experience

·         Operations & credit

·         IT or engineers

 

Common Types of BEC attacks

1.       Bogus Invoice scheme

a.       Imitates a supplier invoice email, but includes new payment instructions/procedures

2.       Data Theft

a.       Cybercriminals use compromised email accounts to request sensitive information or personally identifiable information

3.       Executive fraud

a.       Cybercriminal pose as company executives and send emails requesting sensitive information or that funds be transferred to a fake account.

4.       Fake payment request

a.       The attack uses a compromised account to send a fake payment request to a targeted individual

 

Self Questioning

1.       Does the email contain a request that requires me to act quickly or outside of normal company policies and procedures?

2.       Can I independently verify the request/information using information that isn’t found in the email?. This means verifying the authenticity not only of the request but of the sender

 

 

 

 

 

Phishing

Spear Phishing

Spear Phish are particularly dangerous because they are designed to exploit human weaknesses rather than technical weaknesses. they are highly personalized so that they appear real and unlike most phish. they target their audience and are sent to small groups or individuals. they also take advantage of social engineering and use emotions like fear curiosity and greed to trick you.

 

Whaling

when attackers go after a big fish like a CEO or CFO, it's called whaling. These attackers often spend considerable time profiling the target to find the opportune moment and means of stealing login credentials. whaling is of particular concern because high level executives are able to access a great deal of company information.

 

SMISHING

smishing is when someone tries to trick you into giving them your private information via a text or SMS message. a smishing attack usually has a call to action for the intended victim that requires an immediate response.

 

Social Media

Social Media Phish is when cybercriminals use social networking site like Linkedin, Facebook or Twitter instead of email to steal your sensitive personal information or get you to click on malicious links. Social Media Phishing is often used to gather information that is used in Business email compromise (BEC) phishing attacks.

 

Business Email Compromise(BEC)

BEC attacks are carefully planned and researched attacks that impersonate a company executive vendor or supplier. The attacks aim to get you to send information or make payments to a bogus entity. The attacks often use a sense of urgency and are sent at opportune times such as when a person is travelling, out of the office or otherwise unavailable to verify the request.

 

 

 

 

 

 

 

 

 

Dispute = 분쟁,분규

Compromise = an agreement or a settlement of a dispute that is reached by each side making concessions

Concession = 양보, 인정

Sophisticate = 세련된, 교양있는 사람

Exploit = (부당하게)이용하다

Impersonation = 인격화,의인화,흉내내기

Tactics = 작전,행동

Fraud = 사기(죄), 사기꾼

Executive = 경영, 경영진

Authenticity = 진실성