Business eMail Compromise (BEC)

Million-Dollar Scams


What’s Behind the Business Email Compromise Numbers

Glaring Reality

Email is the most common source of attacks. This survey of our Chief Information Security Officers (CISOs) shows some alarming statistics on what is disrupting our businesses. I spoke to several companies that build and ship endpoint solutions, and many state that their customers do not want to invest in security solutions; it’s a pay-me-now-or-pay-me-later scenario. One company stated that three of their customers were hit by cybercrime in the last month alone, and in one case the business had to be sold. Cyber criminals are ramping up, getting organized and devising new techniques daily to penetrate your company and extract your money, your data and your intellectual property. Here is one of the latest: small talk yields big results.


The Effects

The FBI’s 2015 report lists the top Internet crimes reported. The key word here is “Reported”.


Business Email Compromise is clear validation that something is missing in the market. It is also a clear indicator that the current email security solutions in the market are inefficient, lacking, or just not implemented in a way that can STOP the global spread of BEC. According to the FBI, the USA is the #1 target of Internet crime, reporting 80.2% of the global IC3 numbers.


The FBI report of June 2016 shows this has expanded…

eMailGPS has both sustained technology and disruptive technology and clearly can make a HUGE DIFFERENCE in combating this type of Internet Crime.

 

FBI IC3

 

The Analysis

eMailGPS works with Microsoft Outlook, the #1 business email system in most corporations; with more than 1 billion clients, it is widely installed and a favorite in the business community. It is clear that the security solutions of today have lowered #21 Phishing/Vishing/Smishing/Pharming, #24 Malware/Scareware, #26 Ransomware and #28 Viruses in the market. However, the #1 Internet crime, “Business Email Compromise”, was $246M, 17.6 times higher than the common security threat you expect, and breaches are still occurring at #9 and #12.

The Awareness

eMailGPS was designed to combat this new threat, “Business Email Compromise”. Moving the forensics to the desktop allows our Trusted Intrusion Detection™ to discover highly suspected breaches. Our core detection of untrusted email sources, both known and suspected, is the basis of our Outlook add-in. When the forensics are pushed to the desktop, they can be investigated with email GeoMapping™ to check their validity. Newly educated end-users (eMailGPS Intrusion 101 and 102) are then armed with the knowledge to send suspected email IP addresses to the help desk or security teams, who can make the proper settings in the firewall and spam filters to accept or block these IP addresses. This stops the intrusion of untrusted emails once they are Discovered, Reported and Resolved.

The Learning Awareness

A Learning Series to raise overall awareness of BEC scams, CEO scams and high-value targets.

The Best Practices

Generally, users shouldn’t reply to any emails that seem suspicious; eMailGPS provides “One-Click” quarantine and notification to Security Teams. Question any emails requesting actions that seem unusual or that aren’t following normal procedures. Cybercriminals are not just after money, but also intellectual property and gateways to other financial data. We will continue to share examples of all these intrusions on our website and in articles, news and social media (Twitter, Instagram, LinkedIn and YouTube).

We have implemented a software-driven threat triage that isolates emails into 3 categories:

RED: these are emails coming from high-threat sources. We isolate these emails in many ways: 1) mark the intrusion RED, 2) require a pin-code to open the email, 3) one-click quarantine of the email, 4) notify the security teams of the threat, 5) optionally notify monitoring systems of threats and 6) optionally update the firewall and/or the spam filters automatically.

YELLOW: these are emails from untrusted sources yet to be identified as safe sources. End-users can “One-Click” quarantine them and notify Security Teams.

PURPLE: these are emails that operate in the “Circles of Trust” and have defined fingerprints that identify them as emails sent by people within the circle, whether an SMB, enterprise, B2B, B2C, C2C, B2G or G2G. These are not GREEN because GREEN would assume the email is 100% safe, and there is still a limited possibility that an intrusion has been camouflaged in a new way by cyber criminals to avoid detection.
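A sketch of the three-way triage described above, added here as an example; it is not eMailGPS code, and the product's fingerprinting is not described on this page. It assumes the sending relay's IP address stands in for the "fingerprint", uses constructed lists built from documentation address ranges, and takes the source from the Received line written by the recipient's own edge, because older Received lines come from the sender's side and can be forged.

```python
import ipaddress
import re
from email import message_from_string

# Constructed lists (assumptions): documentation-range addresses only.
HIGH_THREAT = [ipaddress.ip_network("203.0.113.0/24")]       # known high-threat sources
CIRCLE_OF_TRUST = [ipaddress.ip_network("198.51.100.0/24")]  # relays of circle members
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def _in(ip, networks):
    return any(ip in net for net in networks)

def edge_source_ip(raw_message):
    """Return the first non-internal IP, reading Received lines newest first.

    That is the address our own edge server saw connecting; anything below it
    was written by the sending side and is ignored.
    """
    msg = message_from_string(raw_message)
    for hop in msg.get_all("Received", []):
        for text in BRACKETED_IP.findall(hop):
            try:
                ip = ipaddress.ip_address(text)
            except ValueError:          # malformed literal such as [999.1.1.1]
                continue
            if not _in(ip, INTERNAL):
                return ip
    return None

def triage(raw_message):
    """Return (category, source_ip) in the page's RED / YELLOW / PURPLE scheme."""
    ip = edge_source_ip(raw_message)
    if ip is None:
        return "YELLOW", None           # no identifiable source: not yet known safe
    if _in(ip, HIGH_THREAT):
        return "RED", ip
    if _in(ip, CIRCLE_OF_TRUST):
        return "PURPLE", ip
    return "YELLOW", ip

# Constructed sample: the oldest hop claims a trusted relay, our edge saw 203.0.113.7.
SPOOFED = (
    "Received: from mx.internal.example ([10.0.0.5]) by mbx.internal.example; Mon, 1 Jan 2024 10:00:02 +0000\n"
    "Received: from unknown ([203.0.113.7]) by mx.internal.example; Mon, 1 Jan 2024 10:00:01 +0000\n"
    "Received: from relay.partner.example ([198.51.100.9]) by unknown; Mon, 1 Jan 2024 10:00:00 +0000\n"
    "From: ceo@partner.example\nSubject: Wire transfer\n\nPlease pay today.\n"
)
```

`triage(SPOOFED)` returns RED even though the message carries a Received line naming a trusted relay, which is the camouflage case the PURPLE category is meant to stay cautious about.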

Other Sources of Best Practices

US-CERT: Recognizing and Avoiding Email Scams