Experts warn that the number of Business email compromise attacks using SMS is growing.
Security experts issued a report that Business Email Compromise (BEC) attacks are on the rise. The threat actors assume the identities of business leaders through email and try to mislead staff into transferring a wire transfer or something similar.
BEC attacks are increasing
According to a cyber security website, the number of business email attacks that use SMS instead of email has been continuously growing.
The attacker would contact the victim, identify themselves as a corporate boss, and send a copy of an old report. They’d ask the victim to begin a wire transfer, adjust a payroll account, or move corporate cash in some other way in the same communication.
Business emails are Important
Email is an important part of the modern workplace since it helps users to better adapt their work habits to the digital environment. Users may discuss business ideas and keep communication outside of regular office hours. Users may access their email from anywhere, on any device, at any time, thanks to email’s adaptability to the demands of today’s enterprises.
Business hosted email bridges corporate boundaries – it is the lowest common denominator for all enterprises. It allows for external communication and serves as the major means of staying in touch with partners, consumers, and vendors outside of a business.
More powerful than email
According to online security website experts, there are several advantages to employing SMS for BEC assaults rather than emails. The apparent advantage is that there are fewer components that might cause the target to become suspicious. While every email has the sender’s address, which may be used to screen for possible fraud, an SMS message simply contains the phone number, and in many circumstances, workers do not know their bosses’ phone numbers and may not double-check them.
Furthermore, the attackers might refuse a possible phone contact by claiming to be at a meeting or otherwise unavailable to answer the call. SMS communication is far faster than email, allowing threat actors to complete their tasks much faster. A study shows that unwanted text messages quadrupled in 2022 compared to 2019.
Initiating wire transfers may also raise suspicions, which is why scammers frequently encourage victims to buy gift cards instead. They would promise to repay the victims for their purchases. The majority of the time, the criminals would request that their victims purchase gift cards from e-commerce websites like eBay store, Walmart, Target, etc.
Email Security Prevention Tips
To guard against SMS-based BEC attacks, organizations should educate their employees on security awareness to ensure secure email and require them to always check people’s identities while conversing via text messages. Furthermore, businesses should educate their employees about how private data from social media accounts can be scraped and used in attacks, and finally, they should insist on multi-factor authentication (MFA) wherever possible, to make it more difficult for threat actors to gain access to valuable systems.
Here are email security essential tips
- Use a secure email password.
- Keep track of your email habits.
- Keep an eye out for “Phishing Emails.”
- Do not open attachments without first scanning them.
- Never use public WiFi to view your emails.
- Alter your password as frequently as feasible.
- Use caution when using electronic gadgets.
- Avoid disclosing your email address.
- When you’re finished, log out of your email account.
In short
Although email is becoming less popular in business, however, it will continue to play an important function as a communication medium for the foreseeable future. However, given the sheer volume and complexity of attacks, understanding email security solutions and making systems as safe as possible is significant.
