In today’s SensCy Cyber Brief, the SensCy team is looking into a growing trend regarding email account hacking, email account takeovers, and Business Email Compromise (BEC).
In the past few months, SensCy helped multiple organizations with incidents involving a BEC. According to the Federal Bureau of Investigation, a BEC is one of the most damaging cyber crimes for businesses of all sizes. Between June 2016 and December 2021, BEC-related fraud cost businesses around the world $43 billion in losses – $2.4 billion in 2021 alone.
What are hackers doing once they have access to your email account?
SensCy has observed an increase in subtle email account takeovers. In recent cases, the hackers did not change the email account’s password or anything else in the account. They simply watched and analyzed as the victims conducted regular business, making it almost impossible for the victims to realize that their account was compromised. Once the hackers found an email relating to a financial transaction, they rerouted the emails to the RSS feed, a feed that is separate from an email account’s main inbox and is normally used to receive newsletters, blogs, or online magazines. Once the emails started going to the RSS feed, the victim no longer saw them, and the hackers could impersonate the victim by communicating directly with the financial institution or the client. They then advised the wire sender that banking information had changed. From the point of view of the financial institution or the victim’s client, nothing had changed: they believed they were still communicating with the correct email address, which made the fraud difficult to spot. SensCy has observed thousands to hundreds of thousands of dollars being fraudulently transferred via this method.
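As an added defender-side example, not part of the SensCy brief or any vendor tool: a small script that reviews an export of a mailbox’s inbox rules for the pattern described above (a rule that quietly moves payment-related mail into the RSS feed or similar folder, or auto-forwards it outside the organization). The rule schema, the keyword and folder lists, the sample rules and the `example.com` domain are all assumptions; map them onto whatever your mail platform exports.

```python
from dataclasses import dataclass, field
from typing import List, Optional

OWN_DOMAIN = "example.com"  # assumption: the organisation's own mail domain
# Terms typical of payment-related mail (constructed list, extend to taste)
FINANCE_TERMS = ("invoice", "wire", "payment", "bank", "remit", "routing")
# Folders that users rarely read, so mail moved there effectively disappears
HIDING_FOLDERS = ("rss feeds", "rss subscriptions", "deleted items", "junk email", "archive")

@dataclass
class InboxRule:
    """Simplified view of one mailbox rule (constructed schema, not a vendor export)."""
    name: str
    enabled: bool = True
    subject_contains: List[str] = field(default_factory=list)
    body_contains: List[str] = field(default_factory=list)
    move_to_folder: Optional[str] = None
    forward_to: List[str] = field(default_factory=list)
    delete: bool = False

def assess_rule(rule: InboxRule) -> List[str]:
    """Return why a rule matches the BEC hiding pattern; an empty list means no finding."""
    if not rule.enabled:
        return []
    conditions = [c.lower() for c in rule.subject_contains + rule.body_contains]
    finance_hits = sorted({c for c in conditions if any(t in c for t in FINANCE_TERMS)})
    hiding = []
    if rule.move_to_folder and rule.move_to_folder.lower() in HIDING_FOLDERS:
        hiding.append(f"moves matching mail to '{rule.move_to_folder}'")
    if rule.delete:
        hiding.append("deletes matching mail")
    external = [a for a in rule.forward_to if not a.lower().endswith("@" + OWN_DOMAIN)]
    if external:
        hiding.append(f"auto-forwards to external address(es) {external}")
    if hiding and finance_hits:
        return hiding + [f"filters on financial terms {finance_hits}"]
    if external:  # any external auto-forward deserves review even without a keyword filter
        return hiding
    return []

def scan_rules(rules: List[InboxRule]) -> dict:
    """Map each suspicious rule name to its findings; clean rules are omitted."""
    return {r.name: assess_rule(r) for r in rules if assess_rule(r)}

# Constructed sample export: a benign RSS rule, an attacker-style hiding rule,
# a silent external forward, and a legitimate invoice-filing rule.
SAMPLE_RULES = [
    InboxRule("Newsletters", subject_contains=["newsletter"], move_to_folder="RSS Feeds"),
    InboxRule(".", subject_contains=["invoice", "wire transfer"], move_to_folder="RSS Feeds"),
    InboxRule("Backup", forward_to=["mailbox@example.net"]),
    InboxRule("Filing", subject_contains=["invoice"], move_to_folder="Invoices 2021"),
]

if __name__ == "__main__":
    for name, why in scan_rules(SAMPLE_RULES).items():
        print(f"REVIEW rule {name!r}: " + "; ".join(why))
```

Run it against the real rule export for every mailbox during an incident review; rules named with a single character or a blank name, as in the second sample, are worth a second look on their own.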
How can you protect yourself?
One of the most common mistakes people make with everyday email account security is reusing the same password for different accounts. You should always use unique passwords, especially on important accounts like your work email, bank, credit card, or health care accounts. Never use passwords that include your name, birthday, address, or anything else that would make the password easy to guess. Use letters, numbers, and symbols. To better manage your passwords, SensCy recommends investing in a password manager for your employees.
Secondly, you should turn on two-factor authentication (2FA), also known as multi-factor authentication (MFA). This adds an extra step to the authentication process and therefore an extra layer of security: hackers who have obtained your email credentials cannot access your account without the additional authentication factor, usually a prompt or code sent to your phone, when they try to log in.
The new National Institute of Standards and Technology (NIST) framework recommends changing your passwords once a year when combined with MFA or 2FA. It also recommends an immediate password reset when a known compromise has occurred.
If you have any questions regarding email security and Business Email Compromise, don’t hesitate to reach out to SensCy.
To understand the risk that BECs pose to your organization, book your SensCy Score here.