Source |
ProofPoint |
Identifier |
8495932 |
Publication date |
2024-05-08 06:00:27 (viewed: 2024-05-08 14:07:27) |
Title |
How Do Attackers Use Spoofed Email to Hijack Your Business Communications? 4 Risk Scenarios |
Text |
When you hear the term “spoofed” email, does business email compromise (BEC) come to mind? It does for many people, especially security leaders. BEC is a form of email fraud, and it has been a top concern for chief information security officers for years.
BEC scams are a costly problem. The latest Internet Crime Report from the FBI's Internet Crime Complaint Center (IC3) notes that adjusted losses from BEC were $2.9 billion last year. Since 2013, accumulated financial losses due to BEC have reached nearly $53 billion.
Spoofing is impersonation, and it is the essence of email fraud. It is also one of the most common techniques used in other types of attacks like phishing and ransomware. Your business, like many, probably focuses on stopping spoofed emails before they can reach employees' inboxes. However, there is more to worry about. Spoofed email has the potential to damage your brand reputation and jeopardize your business ecosystem, too.
In this post, we will explore various impersonation risk scenarios. But first, let's look at some common tactics.
Impersonation tactics
Here are some common methods bad actors use to impersonate others so they can further their attacks.
Display name spoofing. The display name appears in the “From:” field of an email. It is the easiest email identifier to manipulate. Attackers forge email headers so that client software displays the fraudulent sender, which most users take at face value.
Domain spoofing. Bad actors will use an exact match of an organization's domain to launch this type of fraud attack. Attackers who engage in domain spoofing will attempt to imitate the sending server or sending domain.
Lookalike domains. Third parties can register lookalike domains and send email that appears to have come from a trusted source.
Compromised supplier accounts. In some advanced attacks, attackers will compromise an account from a supplier that works with the business that they want to target. They will use the compromised supplier account to hijack the email communication between their target and its supplier. Eventually, attackers are in a position to launch an attack or solicit fraudulent payment or sensitive data.
Attack scenarios
Now, let's dive into how attackers can use spoofed emails to exploit the trusted relationships you have with your customers, business partners, suppliers and employees.
Scenario 1: Impersonate you to target your employees
You are probably most familiar with the first scenario, where attackers pretend to be someone within your company, like your CEO or manager. The scam often starts with a simple lure that seems to be a benign message like: How is your day? Are you at your desk? Can you help me with something urgent?
Once attackers get a victim to engage, the conversation evolves. The bad actor may request the victim to purchase gift cards for them, proceed with a fraudulent payment, or share confidential data.
Not only can attackers impersonate executives, but they can also pretend to be general employees asking human resources to redirect their payrolls. In short, it doesn't matter what a victim's role is. Anyone can be impersonated to target anyone within an organization.
An example of a simple lure where the attacker used display name spoofing to impersonate Ken, the CEO.
Another example of a BEC lure where an attacker used a lookalike domain of Watertronics (vs. waltertronics, in the example) to spoof their CEO.
Scenario 2: Exploit your suppliers or business partners to target your employees
The most common theme in this scenario is supplier invoicing fraud. Bad actors will exploit a company's suppliers using tactics such as malicious lookalike domains of suppliers or compromised supplier accounts to either send a fake invoice or request the victim to redirect the payment to a bank account that the attackers control. (Sometimes, we see multiple |
Notes |
★★★
|
Sent |
Yes |
Digest |
$53 100 2013 300 about abusing account accounts accumulated achieve actionable actor actors actually adaptive adjusted advanced adversaries against all allows along already also analysis another any anyone app appears application applications applying appointment approach apps are artificial ask asking aspect attachment attack attacker attackers attacks attempt authenticate authentication average awareness bad bank bec because become been before behavioral believes benign better between billion block brand business businesses but campaign can cards carry causing center ceo check chief client come common communication communications companies company compared complaint complete complexity comprehensive compromise compromised compromises concern confidence confidential confirmation considered control controls conversation costly could crime critical customers customers customers damage damaging data date day defend defense depth desk detect detection discussion display displays disrupting dive does doesn doing dollars domain domains don done downloading driven due easier easiest ecosystem effective effectively either email emails emerging employees employees empower end enforce engage entities especially essence even eventually every evolves exact example example: executives experts exploit explore exposed exposure face fact fake familiar fbi field financial finding first focuses forge form fraud fraudulent from further furthermore game general generate generated get gift give goals hard harder has have haven headers healthcare hear help here high hijack hijacking how however human ic3 iceberg identifier identify imitate impact impersonate impersonated impersonation implement important impostor inboxes including increasingly information intelligence interacting intercept internet invoice invoicing involve isolation its jeopardize join jointly just ken knowledge language large last latest internet launch leaders learn learning legitimate let like like: likely list 
llms look lookalike lose losses lure machine malicious malware manager manipulate many match matter may merchants message messages methods might million millions mind mitigate mitigating models modern more more moreover most much multilayered multiple name nearly need negatively newsletters not notes notifications now number obtain officers often once one only order organization other others out overlook pair parties partner partners partners party payload payment paypal payrolls people per pervasive phishing piece place position post potential potentially pretend prevent probably problem proceed program promote proofpoint proper protected protection provide provider providers provides purchase ransomware reach reached redirect reduce regardless register registered registering relationships remember reminders report report from reputation request resources result right risk risk risk: risky robust role saas safeguard salesforce scam scams scenario scenarios scenarios security see seems send sender senders sending sensitive sent server service share shipping short should significant similar simple since single software solicit solution some someone something sometimes sophisticated source spoof spoofed spoofing spot start starts stop stopping such supplier suppliers sure suspicious tactic tactics tactics take target targets techniques technology tens term than them theme themes these third those threat threats tip tips too tools top transactional trick trust trusted turn type types unauthorized understand unheard unlike urgent urls use used user users uses using value variety various vendor very victim visibility vulnerable waltertronics want watertronics ways webinar well what when where which who wide will within without works worry year years your yours “from:” “spoofed” “you “you” |
Tags |
Ransomware
Malware
Tool
Threat
Cloud
|
Stories |
|
Move |
|