A nightmare scenario – employee in the finance department receives an email request from some one purporting to be a senior executive, CEO, CFO etc. Requests can include an urgent transfer of money, or payment of an invoice. Funds are transferred, invoices paid but its all FAKE !!
This is Business Email Compromise (BEC) – an exploit in which the attacker gains access to a corporate email account and spoofs the owner’s identity to defraud the company or its employees, customers or partners of money. Simply by using an email address that is based on the organisation’s own email domain.
Search the online news and you will find many unfortunate stories of organisations, large and small, that fall victim to such a simple scam technique. Millions of dollars are lost every year – the FBI calculated that almost $2.3 billion was handed over innocently to hackers between Oct 2013 to April 2016.
There’s a exceptionally simple solution.