In the fifth episode of the “Cybersecurity for Small Business” podcast, host James from Extreme Networks discusses the critical issue of Business Email Compromises (BEC). This podcast aims to demystify cybersecurity for small businesses and promote cost-effective strategies to enhance their security. BECs are attacks where hackers gain unauthorized access to a business’s email system. Once in, they can monitor and manipulate communications, often impersonating trusted individuals within the organization to initiate fraudulent activities.
Notably, the podcast highlights that BECs have become increasingly prevalent, accounting for roughly 75% of the incidents faced by small businesses in the last year.
See here for news detailing the increase in BECs: Alarming Business Email Compromise Statistics 2023: The Rise (businessdit.com)
To elucidate the impact of BECs, three real-life case studies are presented:
- A property services company experienced an internal BEC when an attacker impersonated the owner, convincing an accounts person to make an unauthorized payment of $17,500.
- A construction company fell victim to an external BEC as an attacker altered an invoice’s bank account details, leading to a loss that couldn’t be recovered, illustrating the importance of careful payment verification processes.
- A professional services and engineering company faced a reverse external BEC when one of their suppliers was compromised. The attacker sent an altered invoice, and even though the payment was made, the company couldn’t recover the funds. This situation strained relations between the customer and supplier.
The podcast emphasizes several strategies to minimize the risk of BECs:
- Implement multi-factor authentication (MFA) for email accounts, making it significantly more challenging for hackers to gain access. See here for more instructions: How to implement Multi-Factor Authentication (MFA) | Microsoft Security Blog
- Establish secure payment workflows within your organization to detect irregularities and changes in payment information.
- Use strong, unique passwords for all critical accounts and systems.
- Be cautious about sharing financial information and maintain a high degree of vigilance when receiving payment-related communications.
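The two invoice case studies above both turned on altered bank details slipping through a payment process. The following is an added example (not from the podcast or from Extreme Networks) of the kind of check a secure payment workflow can enforce: incoming invoice bank details are compared against a verified vendor master record, and any difference or unknown vendor is held for out-of-band confirmation. Vendor names, BSBs and account numbers are constructed sample data.

```python
"""Vendor bank-detail change check for an invoice intake workflow.
Added example; vendor records and account numbers are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class BankDetails:
    bsb: str      # Australian branch code, 6 digits (constructed values)
    account: str  # account number (constructed values)


# Constructed vendor master: details previously verified out of band.
VENDOR_MASTER = {
    "Acme Concrete": BankDetails("062000", "12345678"),
    "Northside Electrical": BankDetails("033000", "87654321"),
}


def check_invoice(vendor: str, bank: BankDetails, master=VENDOR_MASTER) -> dict:
    """Decide whether an invoice's payment details may be released.

    'release' only when the details match the verified master record;
    a new vendor or any changed field is held for a phone call to a
    contact already on file, never to a number printed on the invoice.
    """
    known = master.get(vendor)
    if known is None:
        return {"action": "hold", "reason": "unknown vendor; verify before first payment"}
    if bank == known:
        return {"action": "release", "reason": "bank details match verified record"}
    changed = [f for f in ("bsb", "account") if getattr(bank, f) != getattr(known, f)]
    return {"action": "hold",
            "reason": "bank details differ from verified record: " + ", ".join(changed)}


def record_verified_change(vendor: str, bank: BankDetails, confirmed_out_of_band: bool,
                           master=VENDOR_MASTER) -> bool:
    """Update the master only after the change was confirmed out of band.

    Returns True if the record was updated, False if the update was refused.
    """
    if not confirmed_out_of_band:
        return False
    master[vendor] = bank
    return True
```

The hold decision is the control: a changed BSB or account number on an otherwise legitimate-looking invoice is exactly what the construction and engineering companies in the case studies paid without checking.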
In case of a BEC incident, immediate actions are crucial:
- Contact the bank to halt transactions related to the attack.
- Report the incident to the Australian Cyber Security Centre or your local cybersecurity authorities. See here on how to report incidents: Report a cyber security incident | Cyber.gov.au
- Change all passwords and enable MFA on compromised accounts.
- Investigate the extent of the breach by examining email folders and notifying stakeholders, including clients and suppliers.
This podcast serves as a valuable resource for small business owners, offering practical insights into the significant risks posed by BECs and cost-effective measures to strengthen their cybersecurity posture. It’s a call to action for all small businesses to prioritize email security, given the prevalence and potentially devastating consequences of BEC attacks.