TELL TALE SIGNS OF A BEC ATTACK
The #1 way to avoid a business email compromise (BEC) is to stop and think every time you’re interacting with an email (or attachment).
TELL TALE SIGNS OF A BEC ATTACK
It’s pretty easy to spot a BEC if you’re paying attention to the emails that you open.
Your first RED FLAG… is if you receive an email and it prompts you to sign in directly from a link within the email to an account you probably use frequently such as a:
Microsoft 365 account
Google Workspace
Drop Box
Sales Force (etc…)
THE 2ND RED FLAG…
The second red flag within the email is if it prompts you to take action such as one of the following:
Click the link;
Download “something”;
Listen to a voicemail;
Look at an Invoice, Refund, etc…
If you click the link, the BEC email will take you to a “login page” that looks almost identical to a ‘real’ login page.
STOP!
Think about what just happened and why you would need to enter your email & password.
DID YOU CLICK THE LINK? OH NO. NOW WHAT SHOULD YOU DO?
Check the URL in the address bar of that logon page that the email lead you to directly. Is it the correct one for whatever you’re logging into?
Check with your security officer, IT department or IT provider if you have the slightest unease that this could be a scam. They should be able to assist.
Is this the type of thing you normally receive from this person? Maybe it’s ok, maybe not – if something doesn’t smell right, give them a call and verify if it’s legit.
These days, the number one strategy the bad guy uses is to try and get your username, password plus MFA approval within these fake logon pages. Most commonly a fake Microsoft 365 login page.
REAL VS FAKE
Here is a real one, the address will start with: https://login.microsoftonline.com/
The fake one will start with something other than https://login.microsoftonline.com/, there are tens of thousands of fake login pages created on any given day.
I hope this helps reduce your risk of an email compromise. Stay alert and think before you clink on a link in any emails!