While the email may appear to come from the CEO, it is sent from an email address that is very similar to the CEO’s actual email. This is done in an effort to make it appear as if this email is legitimate and that the CEO is the one who sent it. The goal of BEC is to trick the recipient into thinking that the email has been sent from the CEO and the money or information will be coming from a bank account that the CEO controls. A BEC scam is successful if the recipient responds to the email by giving the cybercriminal money or sensitive information.
Business Email Compromise (BEC) is a targeted cyberattack in which a cybercriminal poses as a trusted figure, such as the CEO of a company, and sends out an email to specific individuals requesting sensitive information or money. While the email may appear to come from the CEO, it is sent from an email address that is very similar to the CEO’s actual email. This is done in an effort to make it appear as if this email is legitimate and that the CEO is the one who sent it. The goal of BEC is to trick the recipient into thinking that the email has been sent from the CEO and the money or
They may do this by searching for information about the organization online or by using social media to learn more about their target.
They may also look for information about the executive or employee they intend to impersonate.
Once they have gathered all the information they need, the cybercriminal will use it to create a convincing impersonation.
They will then send an email to the employee they are attempting to impersonate, asking them to make a wire transfer.
If the employee receives the email, they may think it is genuine because the cybercriminal has done a lot of research to create a convincing impersonation.
What to Do to Prevent Business Email Compromise
The group uses multiple servers in different countries. These servers are used to store the material that is shared by the group. They are also used to store the malware that the group uses. They use the servers to hide the origin of the attacks. The servers are also used to store the stolen material.
The group uses the virtual private network (VPN) in order to hide their identity. They mainly use VPN services that are not based in the country that they are attacking. This is used in order to remain anonymous.
The group uses the software to hack into the target computers and steal information. This is done using a combination of keyloggers and remote administration tools. The group also uses social engineering to gain access to
For example, a cybercriminal may send an email to their target pretending to be the CEO and claim that the company’s financial records have been hacked and that, in order to prevent further damage, their bank account must be emptied immediately.
Source: Keeper Security – KeeperPAM