by Joe Hedegaard Ganly

Information Security Adviser

Joe Hedegaard Ganly

Business Email Compromise Guide

Business Email Compromise can impact your company assets, your supply chain, your customers and your brand.  These fraudulent emails are getting more sophisticated, more regular, more targeted and more difficult to detect. Ultimately they are causing businesses of all sizes significant losses.

So how can you mitigate the risk of BEC?  Here’s Saepio’s Five Step Guide to Business Email Compromise

 

STEP 1 – Block fraudulent emails from landing in your mailboxes with Mimecast’s Secure Email Gateway and Targeted Threat Protection.

STEP 2 – Invest in your Human Firewall – no matter how good, technology won’t prevent 100% of email threats so when something sneaks past the defences, ensure employees are aware and educated about the risk of BEC.  Think before you click.

STEP 3 – Work with a vCISO to implement best practice policy and process to minimise the risk of company money being transferred to a criminal.  Also apply a supply chain risk management strategy to reduce risk of BEC from business partners

STEP 4 – Configure a DMARC record to protect your brand and prevent your email domain from being used fraudulently against your business partners and customers

STEP 5 – Use Threat Intelligence tools to quickly identify and remove look-a-like domains, mimicked websites and fake social media profiles using your brand to dupe your customers and business partners.

 

We’re on hand to talk in more detail about BEC, and if you would like to assess your current security posture we can offer a free risk assessment.

Play
Play

Saepio's Guide to Secure Email

Saepio talk through our approach to protecting your organisation from Email based threats. Invest in a market leading cloud based technology which has advanced features for dealing with business email compromise and educate your users to deal with any suspicious emails which do manage to infiltrate your perimeter.

Ransomware Protection Guide

It’s our job at Saepio to understand the latest tactics of miscreants in the cyber world and deliver appropriate protection to our customers. Presently, the most successful widespread and targeted attacks involve intelligent exploits to deliver malware often in the form of ransomware payloads.

Statistics show that 50% of organisations have experienced an infection and in 40% of cases the ransom is paid. It’s a profitable industry, therefore booming. Saepio offer objective advice and effective solutions to combat these threats. Preventing Ransomware is a good example.

Read more in our Ransomware Protection Guide.

Endpoint Protection Guide

We’re often asked ‘why would a cybercriminal target our business?’. The reality is every organisation has something a threat actor can benefit from, so the more relevant question is, ‘how easy would it be for a cybercriminal to target our business?’.

Like many situations in life, cybercriminals tend to take the path of least resistance and pick the low hanging fruit. Any business that displays public facing technical vulnerabilities will be their first port of call. By using readily available scanning and reconnaissance tools to scope the security health of websites, applications, wireless networks, firewalls, etc, they will focus on weakness. In fact according to Forrester, 41% of successful cyber breaches are down to a technical vulnerability being exploited.

 

Read more in our Endpoint Protection Guide.

Vulnerability Management Guide

We’re often asked ‘why would a cybercriminal target our business?’. The reality is every organisation has something a threat actor can benefit from, so the more relevant question is, ‘how easy would it be for a cybercriminal to target our business?’.

Like many situations in life, cybercriminals tend to take the path of least resistance and pick the low hanging fruit. Any business that displays public facing technical vulnerabilities will be their first port of call. By using readily available scanning and reconnaissance tools to scope the security health of websites, applications, wireless networks, firewalls, etc, they will focus on weakness. In fact according to Forrester, 41% of successful cyber breaches are down to a technical vulnerability being exploited.

Read more in our Vulnerability Management Guide.