• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

IIJ Global Solutions Singapore, Providing Cloud and Security Solutions

  • Home
  • Products
    • Endpoint Management
    • Log Management
    • Secure Remote Desktop
    • Email Security
    • Firewall Management
  • Solutions
    • IIJ Singapore Telework Solutions
    • System Integration
    • Cloud Service
  • Blog
  • Materials
  • About Us
  • Contact Us
  • Site Map
  • 日本語ページ
    • 会社概要
    • ソリューション
You are here: Home / Blog / SecureMX / 3 measures to prevent Business E-mail Compromise(BEC) attacks

26/12/2020 By iij-sgp-mrk

3 measures to prevent Business E-mail Compromise(BEC) attacks

3 ways to prevent BEC email attacks

BEC Campaigns in Singapore

According to INTERPOL ASEAN CYBERTHREAT ASSESSMENT 2020, In 2018, FBI reported that companies all around the world lost USD 12 billion owing to Business E-mail Compromise(BEC).

The trend shows the amount of losses will continue to increase significantly over the next few years owing to the fact that more and more SMEs are going through a digital transformation.

However, many organizations neglect to implement measures to protect against the emerging cyberthreats.

Business E-mail Compromise (BEC) campaigns have proven to be low-cost, low-risk but high rate of return for malicious threat actors and syndicates.

In the first half of 2019, Singapore and Malaysia recorded the highest BEC attacks among the 10 member countries in the ASEAN region, with 54 per cent and 20 per cent respectively.

 

3 measures to prevent BEC attacks

From a technical point of view, there are 3 measures to prevent BEC attacks

 

1) Apply Sender Authentication

Basically BEC emails spoof sender email addresses. Sometimes, emails that the sender is Your domain and the recipient is also Your domain are sent.

These emails can be blocked by Sender Authentication technologies.
Here is the summary of Sender Authentication technologies.

3 measures to prevent BEC attacks

 

2) Use multiple anti-virus/anti-spam

There are no Anti-Virus vendors who can perfectly protect Virus
The effective way is to use multiple Anti-virus/Anti-spam products.

3 measures to prevent BEC attacks


3) Remove macro(scripts) part

According to CSA, there are reports of an ongoing Emotet malware campaign against businesses and organizations.

Emotet was first discovered as a banking Trojan designed to steal financial information. Victims get infected after clicking on embedded hyperlinks or opening document attachments found in malicious emails that downloads the Emotet malware.

The malware will then use the victim’s email to send out additional phishing emails to further spread the malware.

 

Emotet basically uses Microsoft Word file (with macro) to download and steal mail account, password, authentication information. Spread inside the LAN (Local Area Network) and download other malware like Trickbot and others.

The examples of Emotet attachment files’ name
First Order.doc
Inquiry.doc
Invoice.doc
P0.doc
purchase order.doc
PO-09321.doc
PO19090250.doc
PO 31472.doc
PO.4193214.doc
2019-11-26.doc
20191127.doc
0648207_20191127.doc
PO-09321.doc
Terms of Outgoing Payment – PX Holdings.doc

So the most effective way that prevent the damages by Emotet is removing macro scripts part from attached files.



IIJ SecureMX service is the easiest and most effective way to prevent BEC

As mentioned above, the 3 ways are effective to prevent BEC.

1) Apply Sender Authentication
2) Use multiple anti-virus/anti-spam
3) Remove macro(scripts) part


However, for companies who have no dedicated IT staff or sufficient budget, it may be hard to take actions for those 3 measures.

 

IIJ Singapore offers our email security service “IIJ SecureMX service” that can be linked with MS365 or Google.

3 measures to prevent BEC attacks

 



IIJ SecureMX is engaged by 2.4million accounts users not only in Japan but in other countries. That includes major banks, government agencies.

3 measures to prevent BEC attacks

 


IIJ SecureMX covers all of the Sender Authentication technologies.

3 measures to prevent BEC attacks

 


IIJ SecureMX implements triple Anti-virus and Anti-spam software.

3 measures to prevent BEC attacks

 


IIJ SecureMX has a function to remove macro from Microsoft Office file or PDF automatically

3 measures to prevent BEC attacks

 
IIJ SecureMX Introduction Material can be downloaded here.

 

Filed Under: SecureMX, Security Tagged With: BEC, Security

Feel free to contact us!

https://ap.iij.com/contact/

Primary Sidebar

Recent Posts

  • 3 measures to prevent Business E-mail Compromise(BEC) attacks
  • How to maintain the security level of your devices in the telework situation?
  • 【JPN】wizLanScope にブログを投稿しました!
  • Our Website has been renewed!

Categories

  • Company
  • LanScope
  • SecureMX
  • Security

Tags

BEC Security Telework

Archives

  • December 2020
  • November 2020
  • October 2020

Footer

Company Profile

IIJ Global Solutions Singapore Pte. Ltd.

Tel : +65-6773-6903

Email : info@ap.iij.com

Location : 61 Ubi Avenue 1, UB Point  #03-16,

Singapore, 408941

ISO 27001 Certified

ISO27001

Recent Posts

  • 3 measures to prevent Business E-mail Compromise(BEC) attacks
  • How to maintain the security level of your devices in the telework situation?
  • 【JPN】wizLanScope にブログを投稿しました!
  • Our Website has been renewed!

Search

Privacy Policy/Terms of Use

Privacy Policy

Terms of Use

Home

IIJ_Singapore_header
© 2020 IIJ Global Solutions Singapore Pte. Ltd. All rights reserved.