Sending a BOLO (Be On The Lookout) to all Finance Departments
One of the more interesting developments in cyber security and fraud is the growth of the Business Email Compromise (BEC) scheme. This cyber crime, also known as CEO fraud, is not very sophisticated: basically, it’s someone pretending to be a senior company official, like the CEO, who finds a way to trick an employee into sending them money through some sort of payment process.
The interesting thing is how some attacks begin: with something as simple as the email account and password of someone in the payment process. How do you think an attacker gets this information? Interestingly enough, some occur because employees register for third-party services, like LinkedIn, with their company credentials. Many of them use the same password that they use on the corporate network. <GASP> Yes. It happens.
Security vendor Digital Shadows reviewed their repository of compromised credentials through third-party breaches and found that “33,568 email addresses for finance departments had been exposed via third-party breaches. For 83 percent of those email addresses, the passwords for the accounts were also exposed.” According to the article, the cost of obtaining these valuable credentials now runs between $150-$500.
To fight part of this, companies may want to consider restricting employees, in their Acceptable Use Policy, from using company email to register for non-business-related third-party sites. It won’t stop the war against BEC, but it can help win at least one battle.