The Connection, Inc Blog

The Connection, Inc has been serving the New Jersey area since 1992, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.
Categories
Tags
Categories:   All Categories
Suggested keywords
x

How Business Email Compromise Puts Your Business at Risk

How Business Email Compromise Puts Your Business at Risk

Can you tell the difference between your colleagues and a scammer with access to their email account? This is essentially what a business email compromise attack involves—a scammer initiates a phishing scheme using an internal mode of communication. These scams are also observed in schools, making them dangerous in the education sector.

Today, we’re exploring how to navigate these attacks safely and what’s at stake if you don’t.

How BEC Works

Most employees won’t think twice if they receive a request for information—especially if it comes from a trusted company entity.

Business email compromise is an attack that uses an essential business communication tool to fool the victim into handing over the information directly. In some cases, the attacker might even receive direct access to the information they seek. There are no two ways about it—this situation is bad, full stop.

Here’s how it works:

  1. A scammer will select a target, research it, and potentially even craft a fraudulent website to make their efforts that much more effective.
  2. The scammer then breaches the company’s email systems and identifies the most effective targets based on the emails they send and conversations they hold.
  3. Spoofing an email domain, the scammer prepares to impersonate the right person to influence their target.
  4. The scammer then contacts the target, working to build up enough trust to make the ask—whether for money (often in the form of gift cards) or data.

These attacks are increasingly becoming more significant problems for schools and educational institutions.

Public Sector Organizations Are At Risk

Schools and public institutions find themselves the target of these attacks for a couple of reasons:

  • Many such organizations have only a limited budget for cybersecurity, making them more likely to be targets of a cyberattack.
  • These organizations also commonly exchange large amounts of capital regularly, giving an attacker more opportunities to strike.
  • Many of these organizations also rely on complex administrative structuring and processes, making them even more vulnerable as issues are missed and the right people are required to sign off on any action.
  • The public sector also typically collects a lot of data throughout its operations, which means that a cybercriminal would be interested in obtaining these stores.

It makes sense that schools in California and Tennessee have been targeted by these attacks, given how much hackers stand to gain from a successful strike. These institutions can sustain damages of up to six or even seven figures. But those are just the direct costs, not to mention the other damages to reputations and penalties.

All of these are reasons to consider your own approach to securing your business from BEC attacks.

What You Can Do to Mitigate Business Email Compromise

We recommend that all New Jersey businesses take the following security precautions for BEC:

  • Adequately protect financial data and other sensitive information. A precautionary audit can help you determine what is at risk and where your vulnerabilities lie.
  • Consider a cyber insurance policy. Cyberattacks are more commonplace than natural disasters these days, so you should have plans in place to protect you against the financial costs that could result (just make sure you know what’s covered and what limits exist).
  • Prioritize compliance. All businesses are subject to certain compliance requirements, and failing to maintain the standards required by government or industry could result in hefty fines should your business fall victim to a scam.
  • Monitor your infrastructure at all times. There are tools out there that can help you detect BEC attacks before they become a problem—like, say, a compromised account before it can be leveraged against your staff.

With these measures in place, we’re confident you’ll be in a much better position to identify and prevent BEC attacks.

If you’re worried about your business’ security, you can rely on The Connection, Inc to keep you safe. Learn more today by calling us at (732) 291-5938.

Tags:
Security Email Current Events
Six Ways to Improve Your Operations
3 Downtime-Causing Issues You’ll Want to Nip in th...

About the author

George Gremminger

George Gremminger

George's career in high technology systems began in 1985 at ESS in Atlantic Highlands, NJ, where he spent two years doing voice & data cabling, phone system installation, and service & maintenance. He then spent four years with Atlantic Telecom Services in Leonardo, NJ running their service and installation department, honing his skills in fiber optic lines, cabling, and phone systems.

In 1992, George drew on his years of experience and established The Connection, Inc.

As Owner, President and Senior Systems Engineer, George oversees all operations on a day-to-day basis. You might find him out in the field troubleshooting a telephone system, on a lift 30 feet in the air hanging fiber optic cable, or in the office helping with hardware or software issues. George is certified in a wide range of technologies and systems, including Microsoft, Sonic Wall, Mitel and Samsung.

George is a dedicated hands-on manager, ensuring every aspect of The Connection, Inc.’s operation runs smoothly. Whether it's 3 AM, or a Saturday afternoon, George is dedicated to helping their customers get connected and Stay Connected! His dedication to the community is clear, as he is a long-time volunteer member and President of the Leonardo First Aid Squad and a long-time volunteer member of the Community Fire Company of Middletown Township.

You can reach George at or 732-291-5938 ext. 500.

Author's recent posts

More posts from author
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Wednesday, 13 November 2024

Captcha Image

Posts by Topic

Tag Cloud

Blog Archive

2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
2014

Mobile? Grab this Article

QR Code

Free Consultation

team work

Interested in seeing what we can do for your business? Contact us to see how we can help you!

Sign Up Today!

News & Updates

The Connection, Inc Celebrates 32 Years as a Trusted Technology Provider!
The Connection, Inc. Celebrates 32 Years as a Trusted Technology Provider!   Since our founding in 1992, technology and the way we operate and do business has changed a lot. Companies that have adapted and aligned themselves with ...
Read More

Contact us

Learn more about what The Connection, Inc can do for your business.

The Connection, Inc
51 Village CT
Hazlet, New Jersey 07730

Copyright The Connection, Inc. All Rights Reserved. | Privacy Policy