Business Email Compromise / Email Interception

Electronic mail (email) has been around for decades, with origins that can be traced back to the 1970s. Because it is fast, reliable, and free, it has skyrocketed in popularity: email has become an indispensable part of our daily existence and has taken the prime position as the most used form of business communication. The technological revolution and the prolific uptake of business messaging not only revolutionised communication but also added value to business and differentiated businesses from one another.
 

The risk of Business Email Compromise

Although convenient, email is notoriously coupled with risks, and businesses are increasingly facing threats in the form of Business Email Compromise (BEC) schemes, otherwise known as email interception fraud. This entails the theft of information (such as usernames, passwords, and the like) by cybercriminals to gain access to business email accounts. From there, it is as simple as using the compromised email account or credentials to impersonate the victim, the user, or the organisation, to gain access to sensitive information (for example bank accounts and customer, vendor, and supplier details), divert funds, or pursue other nefarious purposes. Once a cybercriminal has intercepted your business email accounts, the consequences for the business are often devastating.
 

How do they do it?

While cybercriminals have developed and refined their craft around Business Email Compromise (BEC) over many cycles, and continually explore new variations and evolutions every day, understanding how fraudsters actually intercept emails is a leap in the right direction to combat this threat. Although Business Email Compromise attacks can be carried out in various ways, they essentially comprise some or all of the activities below on the part of cybercriminals to compromise legitimate business email accounts:

  • Using various social engineering schemes including phishing and the use of malware, cybercriminals obtain access to email passwords or accounts.
  • Logging in via webmail, they create malicious forwarders and filters to intercept emails containing personal, sensitive, or financial information.
  • The intercepted emails are hidden from the email account user or legitimate recipient even before they become aware of their existence.
  • They ‘take over’, read, change content, and reply to the intercepted email, often substituting these with fraudulent requests for financial transactions or sensitive information while making it appear as though the request or response came from a legitimate email account.
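The forwarders and filters described above leave a trace in the mailbox's rule set, which defenders can review. The following is an added example, not part of the original article: it audits an exported list of mailbox rules and flags those that forward mail outside the organisation or hide finance-related messages. The record fields, folder list, keyword list and the example.com domain are assumptions chosen for illustration.

```python
# Added example: flag mailbox rules that match the interception pattern above.
# The record fields (forward_to, redirect_to, delete, move_to_folder, keywords)
# are a hypothetical export schema, not a specific mail platform's API.

INTERNAL_DOMAINS = {"example.com"}  # assumption: the organisation's own domains
HIDING_FOLDERS = {"rss feeds", "rss subscriptions", "junk email",
                  "deleted items", "conversation history"}
FINANCE_TERMS = {"invoice", "payment", "bank", "remittance", "iban", "wire"}

def is_external(address):
    """True when the address's domain is not one of the organisation's own."""
    return address.rsplit("@", 1)[-1].strip().lower() not in INTERNAL_DOMAINS

def audit_rule(rule):
    """Return (severity, reasons) for one exported rule record."""
    reasons = []
    targets = rule.get("forward_to", []) + rule.get("redirect_to", [])
    if any(is_external(t) for t in targets):
        reasons.append("EXTERNAL_FORWARD")
    folder = (rule.get("move_to_folder") or "").lower()
    if rule.get("delete") or folder in HIDING_FOLDERS:
        reasons.append("HIDES_MAIL")
    if FINANCE_TERMS & {k.lower() for k in rule.get("keywords", [])}:
        reasons.append("FINANCE_FILTER")
    if "EXTERNAL_FORWARD" in reasons or len(reasons) >= 2:
        return "high", reasons
    return ("medium", reasons) if reasons else ("none", reasons)

def audit(rules):
    """Return {(mailbox, rule name): (severity, reasons)} for flagged rules only."""
    flagged = {}
    for rule in rules:
        severity, reasons = audit_rule(rule)
        if severity != "none":
            flagged[(rule["mailbox"], rule["name"])] = (severity, reasons)
    return flagged

# Constructed sample export (not real data).
SAMPLE_RULES = [
    {"mailbox": "alice@example.com", "name": "Newsletters",
     "keywords": ["digest"], "move_to_folder": "Newsletters"},
    {"mailbox": "bob@example.com", "name": ".",
     "keywords": ["Invoice", "Payment"], "delete": True,
     "forward_to": ["collector@mailbox.invalid"]},
    {"mailbox": "carol@example.com", "name": "tidy",
     "keywords": ["bank"], "move_to_folder": "RSS Feeds"},
    {"mailbox": "dave@example.com", "name": "To assistant",
     "redirect_to": ["pa@example.com"]},
]
```

Calling audit(SAMPLE_RULES) flags only the second and third rules; the ordinary newsletter filter and the internal redirect pass without a finding.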

 

The impact and effect on business

The impact of email compromise is not only personal in nature. Cybercriminals are resourceful and may try various methods to trick victims into providing sensitive information relating to the company or business, targeting specific individuals or departments to access company confidential information. In this way, they gain access to employee records and schedules to facilitate BEC scams or increase the credibility of their attempts, and spoof or hack into high-level executives' email accounts to provide instructions to make payments, etc.

  • The most obvious and significant impact of BEC is the financial threat that it poses, given that compromised accounts and sensitive data can be used to request fraudulent payments and effect unauthorised money transfers.
  • The use of BEC to target suppliers, partners or customers can also expose a business to brand & reputational harm as it may call into question the business’s controls around information security systems and capabilities of systems to secure and safeguard company data.
  • Instances of data exposure or compromise of information arising from the BEC can also lead to an erosion of trust in the business on the part of stakeholders and employees given the implications for infringements on their privacy and security.

 

Mitigating the risk of Business Email Compromise

Understanding the risk and how the ‘interception’ occurs stands one in good stead to take necessary preventive action. Here are some important guidelines:

  • Never send confidential and sensitive information and details in the body of an email. If you have to provide this information within emails, ensure that it is encrypted to prevent interception by cybercriminals.
  • Be wary of emails that request personal or sensitive information (bank account details, passwords, PINs, etc.). Always contact the sender/requestor directly to clarify and confirm the authenticity of the communication.
  • Always remain vigilant and check the sender’s full email address carefully before opening or responding to emails.
  • Enable two-factor authentication (2FA) on your email, social media, and bank accounts. It will ensure that a verification or authenticating text message is sent to your phone or email before access to your account is granted.
  • Use different passwords across your email and other online accounts and only use secure websites when required to provide personal or sensitive information online.
  • Regularly update and run security scans on your work & personal computers and devices.
  • Provide regular training to employees, clients, and vendors about email security, and require that all financial transactions are authenticated and changes to payment information are confirmed before processing.

 

Written by:

Farhad Rahaman and team

Fraud and Security Awareness, Vodacom