BEC Campaigns in Singapore
According to INTERPOL ASEAN CYBERTHREAT ASSESSMENT 2020, In 2018, FBI reported that companies all around the world lost USD 12 billion owing to Business E-mail Compromise(BEC).
The trend shows the amount of losses will continue to increase significantly over the next few years owing to the fact that more and more SMEs are going through a digital transformation.
However, many organizations neglect to implement measures to protect against the emerging cyberthreats.
Business E-mail Compromise (BEC) campaigns have proven to be low-cost, low-risk but high rate of return for malicious threat actors and syndicates.
In the first half of 2019, Singapore and Malaysia recorded the highest BEC attacks among the 10 member countries in the ASEAN region, with 54 per cent and 20 per cent respectively.
3 measures to prevent BEC attacks
From a technical point of view, there are 3 measures to prevent BEC attacks
1) Apply Sender Authentication
Basically BEC emails spoof sender email addresses. Sometimes, emails that the sender is Your domain and the recipient is also Your domain are sent.
These emails can be blocked by Sender Authentication technologies.
Here is the summary of Sender Authentication technologies.
2) Use multiple anti-virus/anti-spam
There are no Anti-Virus vendors who can perfectly protect Virus
The effective way is to use multiple Anti-virus/Anti-spam products.
3) Remove macro(scripts) part
According to CSA, there are reports of an ongoing Emotet malware campaign against businesses and organizations.
Emotet was first discovered as a banking Trojan designed to steal financial information. Victims get infected after clicking on embedded hyperlinks or opening document attachments found in malicious emails that downloads the Emotet malware.
The malware will then use the victim’s email to send out additional phishing emails to further spread the malware.
Emotet basically uses Microsoft Word file (with macro) to download and steal mail account, password, authentication information. Spread inside the LAN (Local Area Network) and download other malware like Trickbot and others.
The examples of Emotet attachment files’ name
First Order.doc
Inquiry.doc
Invoice.doc
P0.doc
purchase order.doc
PO-09321.doc
PO19090250.doc
PO 31472.doc
PO.4193214.doc
2019-11-26.doc
20191127.doc
0648207_20191127.doc
PO-09321.doc
Terms of Outgoing Payment – PX Holdings.doc
So the most effective way that prevent the damages by Emotet is removing macro scripts part from attached files.
IIJ SecureMX service is the easiest and most effective way to prevent BEC
As mentioned above, the 3 ways are effective to prevent BEC.
1) Apply Sender Authentication
2) Use multiple anti-virus/anti-spam
3) Remove macro(scripts) part
However, for companies who have no dedicated IT staff or sufficient budget, it may be hard to take actions for those 3 measures.
IIJ Singapore offers our email security service “IIJ SecureMX service” that can be linked with MS365 or Google.
IIJ SecureMX is engaged by 2.4million accounts users not only in Japan but in other countries. That includes major banks, government agencies.
IIJ SecureMX covers all of the Sender Authentication technologies.
IIJ SecureMX implements triple Anti-virus and Anti-spam software.
IIJ SecureMX has a function to remove macro from Microsoft Office file or PDF automatically
IIJ SecureMX Introduction Material can be downloaded here.