Q: We’ve heard that BEC attacks are one of the most prominent cybersecurity threats to our customers’ businesses today. What is this and how can we protect our SMBs from its attempts to breach our defenses?
Business Email Compromise (BEC) attacks are a successful method for bad actors to trick end users into exposing sensitive assets and other information. As is the case with many other tactics employed by hackers, BEC attacks heavily focus on individual end users. As an MSP, it is important to not only articulate the severity of BEC attacks to your customers, but also to proactively protect against them as well.
To help MSPs understand the ways that they can protect their customers from BEC attacks, we spoke with Mark Ballegeer, systems engineer at Barracuda MSP. Mark offered a detailed breakdown of BEC attacks and how Barracuda can help MSPs protect end users.
BEC attack basics
As the name “Business Email Compromise” hints, BEC happens when an attacker hijacks an email account and attempts to impersonate someone in the business. By creating calls-to-action and sending from within the victim’s legitimate email address, these attacks have been known to trick email recipients into sending personal information or money.
In response, many businesses have put more security measures in place, beyond just solutions and technology. More and more companies are requiring employees to meet a certain minimum level of security education and awareness as part of their job, regardless of how much sensitive data the employee handles on a regular basis.
As scanners and tools have evolved to defend users from these simple attacks, so did the attacks themselves. Bad actors began pulling from any and all available resources in order to conduct research on each company that they would target. This meant more than simply knowing the names of the executives at the company in order to exploit them, but also profiling potential employees to target. Over time, each wave of BEC attacks seems to become more specialized and personalized to each company and employee that receives it. The extra effort from bad actors has allowed their attacks to remain a significant security threat, despite the growing awareness within companies about them.
Your role as the MSP
It’s tough to spot a BEC attack — especially if it is coming from a legitimate account. To most effectively protect your SMB customers from today’s threats, you need to continually educate them on security best practices, in addition to putting technical safeguards in place, particularly technologies that will block known threats before they even reach the end user. Additional resources that can detect and warn customers about less obvious threats, such as ones that use social engineering techniques.
The damage done to a business by a successful attack can be devastating. In addition to compromising data or money, it could also damage your customer’s reputation, making them less desirable to do business with in the eyes of prospective customers. It could also mark them as an easy target for other bad actors.
To help your customers stay one step ahead, it’s important that you educate yourself on the types of attacks that you are defending against and the security tools available to you, so that you can build the best defense possible. Continuously monitoring the security landscape will prevent you from being caught off guard and it can help keep the bad actors at bay.
The best practices for defending against BEC attacks involve being proactive in strengthening the defense of your MSP’s clients. Don’t wait for the BEC attacks to adapt and then react to them. Anticipate the ways they may try to breach your defenses and further protect against that point of entry. Remember, your clients are your partners in cybersecurity. With the right guidance, your MSP can turn them from a security liability into a security asset.
Photo: sarayut_sy / Shutterstock
