Phishing, Spear-Phishing, Whaling and Business Email Compromise (BEC) explained - Cyber Tip Tuesday

Welcome to this week's Black Arrow Cyber Tip Tuesday, this week Bruce is talking about Phishing emails including Business Email Compromise or BEC.

Many of you will be familiar with receiving phishing emails that, for example, encourage you to click a link to unblock your PayPal account, or encourage you to respond to an urgent message.

Although you still see that type of email, they are being replaced by much more sophisticated versions that are addressed specifically to you. These encourage you, by name, to look at an attached document or to contact the sender for a private discussion.

If you click on the attachment it will try to download malware, or if you reply to the sender then you will be starting a correspondence that will likely lead to you being duped into a later harmful activity. These personalised types of emails are called spear phishing, and they have become more prevalent because the software to create them is more easily available online and so they require less work by the attacker.

A variation of spear phishing is when the attacker targets the senior leadership in an organisation because those targets have more valuable information on their computer, and they are likely to have more wealth to exploit. This is called whaling, and again they take a bit more effort on the part of the attacker, but the rewards can be greater.

Another type of email attack is called Business Email Compromise, or BEC.

In this case, someone’s email account is broken into, and the attacker monitors the emails while the email owner is unaware. Then, at an opportune moment, the attacker will send an email to the victim with an instruction such as to use alternative bank account details for a payment. The payment goes straight to the attacker instead of the correct recipient, and the victim does not find out until it is too late.

You cannot rely on technology to stop these kinds of attacks.

You need strong people controls, where everyone should be suspicious of email and aware of the types of possible attacks.

The best thing to do is to contact the supposed sender of the email to ask them to confirm that they sent you that email before you open it. And if you are suspicious of an email from someone you do not know and you cannot contact them, then you might want to delete it; if it is a genuine email then the sender can contact you again.

If you'd like to know more about how you can protect yourself or your company, have a look at the information on our site, blackarrowcyber.com, and contact us to see how we can help you.

Previous
Previous

Black Arrow Cyber Threat Briefing 23 April 2021

Next
Next

Black Arrow Cyber Threat Briefing 16 April 2021