Business Email Compromise (BEC)
What is Business Email Compromise?
According to the FBI’s Internet Crime Complaint Center, business email compromises accounted for 40% of total cybercrime losses in 2019.
Business Email Compromise (BEC) is an attack that involves a bad actor sending an email that appears to be legitimate in order to fraudulently request funds. These attacks, or scams, may be
accomplished through a variety of vectors including: spoofing an email address so that it appears to be legitimate; sendıng spear phishing emails to trick employees into revealing confidential information or account credentials; or using malware to gain access to a corporate email environment. The bad actor then builds a target profile that includes: financial data; sample emails for content and formatting; point of contact information; and other information that will allow them to send a convincing fraudulent email.
Once a bad actor gains enough information to send a fraudulent email, the next phase of the attack begins. The actor sends carefully crafted emails that appear to be from the compromised email accounts to identified targets and requests fund transfers such as a wire transfer to payment to a new bank account routing number.
The Arete Process
When a BEC occurs, Arete immediately begins collection of logs and artifacts. Once the relevant evidence has been collected and preserved, analysis begins, using Aretes Forensically sound
methodology to determine the who, what, where, when, and how of the attack. Arete will produce a report of preliminary findings to the client within 24-72 hours.
If notification list creation is necessary, Arete’s in ternal eDiscovery team can apply robotic process automation and artificial intelligence to data sets. Arete’s process zeroes in on the affected documents, producing findings to meet legal and regulatory requirements, at a fixed fee per document.
The Arete Advantage
- Arete’s team of experts, with years of experience in the military, government and the private sec tor, handle hundreds of BEC cases every year.
- Arete can liaise with law enforcement, as Arete superheroes regularly work side-by-side with law enforcement on a variety of matters
- Arete has the knowledge and expertise to assist with the securing and hardening of the client’s infrastructure to help protect the client against future