• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

IIJ Global Solutions Singapore, Providing Cloud and Security Solutions

  • Home
  • Products
    • Zero Trust
    • Email Security
    • Email Phishing Training
    • Cloud Backup
    • Vulnerability Management
    • Endpoint Management
    • Log Management
    • IoT Remote Maintenance
    • Firewall Management
    • Secure Remote Desktop
  • Solutions
    • DX Edge Data Center
    • Logs Management Solution
    • Telework Solutions
    • System Integration
    • Cloud Services
    • Office IT Solutions
    • Retail IT Solutions
  • Blog
  • Materials
  • About Us
  • Careers
  • Contact Us
  • Site Map
  • 日本語ページ
    • 会社概要
    • ソリューション
You are here: Home / Blog / 3 measures to prevent Business E-mail Compromise(BEC) attacks

26/12/2020 By iij-sgp-mrk

3 measures to prevent Business E-mail Compromise(BEC) attacks

3 ways to prevent BEC email attacks

BEC Campaigns in Singapore

According to INTERPOL ASEAN CYBERTHREAT ASSESSMENT 2020, In 2018, FBI reported that companies all around the world lost USD 12 billion owing to Business E-mail Compromise(BEC).

The trend shows the amount of losses will continue to increase significantly over the next few years owing to the fact that more and more SMEs are going through a digital transformation.

However, many organizations neglect to implement measures to protect against the emerging cyberthreats.

Business E-mail Compromise (BEC) campaigns have proven to be low-cost, low-risk but high rate of return for malicious threat actors and syndicates.

In the first half of 2019, Singapore and Malaysia recorded the highest BEC attacks among the 10 member countries in the ASEAN region, with 54 per cent and 20 per cent respectively.

 

3 measures to prevent BEC attacks

From a technical point of view, there are 3 measures to prevent BEC attacks

 

1) Apply Sender Authentication

Basically BEC emails spoof sender email addresses. Sometimes, emails that the sender is Your domain and the recipient is also Your domain are sent.

These emails can be blocked by Sender Authentication technologies.
Here is the summary of Sender Authentication technologies.

3 measures to prevent BEC attacks

 

2) Use multiple anti-virus/anti-spam

There are no Anti-Virus vendors who can perfectly protect Virus
The effective way is to use multiple Anti-virus/Anti-spam products.

3 measures to prevent BEC attacks


3) Remove macro(scripts) part

According to CSA, there are reports of an ongoing Emotet malware campaign against businesses and organizations.

Emotet was first discovered as a banking Trojan designed to steal financial information. Victims get infected after clicking on embedded hyperlinks or opening document attachments found in malicious emails that downloads the Emotet malware.

The malware will then use the victim’s email to send out additional phishing emails to further spread the malware.

 

Emotet basically uses Microsoft Word file (with macro) to download and steal mail account, password, authentication information. Spread inside the LAN (Local Area Network) and download other malware like Trickbot and others.

The examples of Emotet attachment files’ name
First Order.doc
Inquiry.doc
Invoice.doc
P0.doc
purchase order.doc
PO-09321.doc
PO19090250.doc
PO 31472.doc
PO.4193214.doc
2019-11-26.doc
20191127.doc
0648207_20191127.doc
PO-09321.doc
Terms of Outgoing Payment – PX Holdings.doc

So the most effective way that prevent the damages by Emotet is removing macro scripts part from attached files.



IIJ SecureMX service is the easiest and most effective way to prevent BEC

As mentioned above, the 3 ways are effective to prevent BEC.

1) Apply Sender Authentication
2) Use multiple anti-virus/anti-spam
3) Remove macro(scripts) part


However, for companies who have no dedicated IT staff or sufficient budget, it may be hard to take actions for those 3 measures.

 

IIJ Singapore offers our email security service “IIJ SecureMX service” that can be linked with MS365 or Google.

3 measures to prevent BEC attacks

 



IIJ SecureMX is engaged by 2.4million accounts users not only in Japan but in other countries. That includes major banks, government agencies.

3 measures to prevent BEC attacks

 


IIJ SecureMX covers all of the Sender Authentication technologies.

3 measures to prevent BEC attacks

 


IIJ SecureMX implements triple Anti-virus and Anti-spam software.

3 measures to prevent BEC attacks

 


IIJ SecureMX has a function to remove macro from Microsoft Office file or PDF automatically

3 measures to prevent BEC attacks

 
IIJ SecureMX Introduction Material can be downloaded here.

 

Filed Under: Blog, SecureMX, Security, Telework Tagged With: BEC, SecureMX, Security

Feel free to contact us!

https://ap.iij.com/contact/

Primary Sidebar

Recent Posts

  • New Mail Audit option for IIJ SecureMX Service has been released
  • <ゼロトラストを活用した海外現地法人セキュリティ改善ウェビナー>
  • We have moved! (February 2022)
  • 5 crucial measures to protect from Ransomware
  • IIJ Launches New Managed ZTNA Secure Access Service; Safous

Categories

  • Acronis
  • ALog
  • Blog
  • Company
  • LanScope
  • Ransomware
  • Safous
  • SecureMX
  • Security
  • Telework
  • ZeroTrust

Tags

Acronis ALog BEC LanScope SecureMX Security Telework Zerotrust

Archives

  • August 2022
  • May 2022
  • February 2022
  • October 2021
  • September 2021
  • December 2020
  • November 2020
  • October 2020

Footer

Company Profile

IIJ Global Solutions Singapore Pte. Ltd.

Tel : +65-6773-6903

Location : 8 Burn Road #07-08 Trivex Singapore 369977

follow us in feedly

Recent Posts

  • New Mail Audit option for IIJ SecureMX Service has been released
  • <ゼロトラストを活用した海外現地法人セキュリティ改善ウェビナー>
  • We have moved! (February 2022)
  • 5 crucial measures to protect from Ransomware
  • IIJ Launches New Managed ZTNA Secure Access Service; Safous
  • We have launched a Special Website of our Log Management Solution
  • 3 measures to prevent Business E-mail Compromise(BEC) attacks
  • How to maintain the security level of your devices in the telework situation?

Search

Privacy Policy/Terms of Use

Privacy Policy

Terms of Use

Home

IIJ_Singapore_header
© IIJ Global Solutions Singapore Pte. Ltd. All rights reserved.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT