Today’s BEC attacks are more nuanced, more accessible, less technically demanding, and consequently, more dangerous than ever before. In our report, 2023 BEC Trends, Targets, and Changes in Techniques, we take a hard look at the anatomy of Business Email Compromise (BEC) attacks today and the lures that are drawing users to the bait in record numbers.
The Popularity of BEC Attacks
Nefarious email impersonations like BEC now account for nearly 99% of all reported threats, per our recent findings. According to the most recent FBI Internet Crime (IC3) Report, BEC accounted for $2.7 billion dollars in adjusted losses annually. By comparison, ransomware cost a ‘paltry’ 34 million. That means BEC costs more than ransomware (the industry “boogeyman”) by a factor of nearly 79 times. No wonder BEC scams skyrocketed by 81% in 2022 (the year of the IC3 report).
Cybercriminals have flocked to our inboxes in even greater numbers as sophisticated network and endpoint solutions have proven hard to crack. While that’s one point for modern security architecture, it makes protecting open-door areas like email that much harder. What is the key benefit of compromising an enterprise through email? Anyone can be on the receiving end, and more often than not, “anyone” doesn’t know the tell-tale signs of attack.
To clarify, email impersonation attacks are social engineering emails that can rely on well-crafted communication or contain virtually no content at all. While they do not always (and often don’t) include a malicious link or attachment, they do provide a link, email address, or phone number so that the user can communicate with the sender. Attempting to seem as normal as possible, they lean heavily on stolen branding (logos, images) to fake authenticity.
Key Findings
Leveraging data from Fortra’s Agari and PhishLabs solutions, we were able to come to the following conclusions about BEC attacks and other email impersonation threats today. These trends serve as sobering indicators of what organizations can expect in the year ahead.
- Corporate inboxes face an onslaught of attacks. No less than a quarter of all reported emails fell into the “malicious” or “untrustworthy” category, and of those, nearly all were email impersonation attacks. Within that category, BEC attacks garnered the greatest share of losses and accounted for 14% of all impersonation attack activity.
- Email impersonations are the hardest to block. Anyone can send an email, and it no longer takes a malware attachment or malicious link to get the payload. All it takes is a clever guise, and the unwitting employee could call you, offering up their personal information to “update their Windows account.” This makes it nearly impossible for traditional email security solutions to catch signs of nefarious activity, and email impersonation attacks are the top threats making it past Secure Email Gateways. As pure-play social engineering messages have managed to slip by defenses, they have gradually overtaken malicious links and attachments in overall volume.
- BEC actors: “Now intercepting payments”. Now, attackers are performing man-in-the-middle(esque) attacks by intercepting payments traveling to legitimate vendors. These bad actors will pose as XYZ company and offer a friendly payment reminder about their upcoming bill. Want to make it easier? Click this link to be routed to a pay-now option. After the transaction, the organization will have paid – but to the wrong party. Watch out for emails asking for the “outstanding balance” or the “owed amount.” Actual companies know how much you owe and aren’t afraid to tell you; vague language can be a red flag for fraud.
- Let’s go Office 365 Phishing. In Q1 of this past year, phishing attacks targeting Office 365 credentials doubled in number. While not new, the increase in this type of attack is largely attributed to the wide availability of toolkits made for the purpose; with little experience or sophistication, low-skill hackers can perform Microsoft 365 attacks at a speed and scale (and success rate) unavailable to them before. The bar has been lowered for attackers looking to attack the popular software platform, and attacks have trended upward consistently over the past year.
- Hybrid vishing takes the lead. Incredibly, this past year saw hybrid vishing overtake BEC and the ever-popular “419 scams” for the top spot, making up more than 45% of response-driven attack volume. Defined as phishing that uses both email and telephone communication to execute attacks, hybrid vishing relies on the additional layer of trust established by one-on-one communication between the victim and threat actor. These attackers pose as customer service representatives, legitimizing the bogus email that preceded them and taking more and more users in their snare. The results can be anything from stolen PII to pilfered credit card credentials to malware delivery.
Email impersonation threats like BEC are changing the game and altering how organizations secure their inboxes. Because traditional antivirus and email security tools so easily miss them, these attacks require companies to invest in technology that can spot bad behaviors in the act. This is achieved through machine learning algorithms that can recognize anomalies, make predictions, and block harmful patterns of attack.
To view the full report, click here.
FAQs
Frequently Asked Questions
What is a Premium Domain Name? A premium domain name is the digital equivalent of prime real estate. It’s a short, catchy, and highly desirable web address that can significantly boost your brand's impact. These exclusive domains are already owned but available for purchase, offering you a shortcut to a powerful online presence. Why Choose a Premium Domain? Instant Brand Boost: Premium domains are like instant credibility boosters. They command attention, inspire trust, and make your business look established from day one. Memorable and Magnetic: Short, sweet, and unforgettable - these domains stick in people's minds. This means more visitors, better recall, and ultimately, more business. Outshine the Competition: In a crowded digital world, a premium domain is your secret weapon. Stand out, get noticed, and leave a lasting impression. Smart Investment: Premium domains often appreciate in value, just like a well-chosen piece of property. Own a piece of the digital world that could pay dividends. What Sets Premium Domains Apart? Unlike ordinary domain names, premium domains are carefully crafted to be exceptional. They are shorter, more memorable, and often include valuable keywords. Plus, they often come with a built-in advantage: established online presence and search engine visibility. How Much Does a Premium Domain Cost? The price tag for a premium domain depends on its desirability. While they cost more than standard domains, the investment can be game-changing. Think of it as an upfront cost for a long-term return. BrandBucket offers transparent pricing, so you know exactly what you're getting. Premium Domains: Worth the Investment? Absolutely! A premium domain is more than just a website address; it's a strategic asset. By choosing the right premium domain, you're investing in your brand's future and setting yourself up for long-term success. What Are the Costs Associated with a Premium Domain? While the initial purchase price of a premium domain is typically higher than a standard domain, the annual renewal fees are usually the same. Additionally, you may incur transfer fees if you decide to sell or move the domain to a different registrar. Can I Negotiate the Price of a Premium Domain?
In some cases, it may be possible to negotiate the price of a premium domain. However, the success of negotiations depends on factors such as the domain's demand, the seller's willingness to negotiate, and the overall market conditions. At BrandBucket, we offer transparent, upfront pricing, but if you see a name that you like and wish to discuss price, please reach out to our sales team.
How Do I Transfer a Premium Domain?
Transferring a premium domain involves a few steps, including unlocking the domain, obtaining an authorization code from the current registrar, and initiating the transfer with the new registrar. Many domain name marketplaces, including BrandBucket, offer assistance with the transfer process.
