How to monitor for BEC Scams: Common Subject Lines
Business Email Compromise (BEC) is a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The spear phishing campaign is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.
Google and Facebook both fell victim to a BEC scam that swindled $100 from the two tech firms. Read more here.
According to Symantec’s 2017 Internet Security Threat Report, “Request” was the most popular keyword used in subject lines for BEC scam emails; followed by “Payment” (15%) and “Urgent” (10%).
A number of NetFort’s customers are finding the LANGuardian SMTP Email Decoder pretty useful for detecting BEC spammers, as it allows you to search by subject, along with more detailed information such as sender, recipient, attachment name, mime type, attachment description, timestamps and the IP address of sender and recipient.
Checking for specific Email subject lines
The steps to create this report are as follows:
According to the FBI’s Internet Crime Complaint Center (IC3), “the BEC scam continues to grow, evolve, and target businesses of all sizes”. Read more here
The key takeaway here is to carefully scrutinize all emails. Be wary of irregular emails sent from C-Suite Executives, as they are used to trick employees into acting with urgency. Carefully review and verify fund transfer requests.