Business email compromise (BEC) is an e-mail-based cyber-crime in which criminals target a business and attempt to defraud it, generally through wire transfer or wire diversion fraud. Commonly, attackers use phishing techniques and stolen credentials, and then attempt to divert an existing wire transfer or initiate a fraudulent one. In many cases, these emails appear to come from a known-good or trusted source.
As an example, your third-party vendor ACME Co. uses the domain @acmeco.com, and you receive an email from @acneo.com or @acrneo.com. The attackers may even copy similar-looking email signatures to make these emails appear more legitimate. These are attempts by criminals to impersonate a trusted source and defraud the business by lending their emails an appearance of legitimacy.
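The look-alike domains above (acneo.com and acrneo.com standing in for acmeco.com) are the kind of thing a mail gateway or SOC script can flag automatically. The following is an added example, not code from the original post or from KPMG: it compares the sender's domain against a constructed allow-list of trusted vendor domains, first folding common confusable character pairs (such as "rn" for "m") and then applying an edit-distance threshold. The function names, the confusable table, the threshold and the sample "From" headers are all assumptions made for this example.

```python
# Added example: flag sender domains that look like a trusted vendor domain.
# Constructed helper and sample data; not part of the original post.

# Character pairs attackers rely on because they render almost identically.
# Table is an assumption for this example; extend it for your environment.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def normalize(domain: str) -> str:
    """Lower-case the domain and fold confusable sequences to their look-alike."""
    d = domain.strip().lower().lstrip("@")
    for src, dst in CONFUSABLES:
        d = d.replace(src, dst)
    return d


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance (insert/delete/substitute cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(sender: str, trusted_domains, max_distance: int = 2):
    """Return (verdict, nearest_trusted_domain, distance).

    verdict is 'trusted' for an exact allow-list match, 'lookalike' when the
    normalized domain is within max_distance edits of a trusted domain,
    and 'unknown' otherwise.
    """
    domain = sender.rsplit("@", 1)[-1].strip().lower()
    trusted = [t.lower() for t in trusted_domains]
    if domain in trusted:
        return ("trusted", domain, 0)
    norm = normalize(domain)
    best_domain, best_dist = None, None
    for t in trusted:
        dist = levenshtein(norm, normalize(t))
        if best_dist is None or dist < best_dist:
            best_domain, best_dist = t, dist
    if best_dist is not None and best_dist <= max_distance:
        return ("lookalike", best_domain, best_dist)
    return ("unknown", None, None)


def scan_from_headers(from_headers, trusted_domains):
    """Run classify_sender over a batch of From addresses; return only look-alikes."""
    hits = []
    for addr in from_headers:
        verdict, near, dist = classify_sender(addr, trusted_domains)
        if verdict == "lookalike":
            hits.append((addr, near, dist))
    return hits


# Constructed sample data mirroring the post's ACME Co. scenario.
TRUSTED_VENDOR_DOMAINS = ["acmeco.com"]
SAMPLE_FROM_HEADERS = [
    "accounts@acmeco.com",   # genuine vendor
    "accounts@acneo.com",    # one letter swapped, one dropped
    "accounts@acrneo.com",   # "rn" rendered to look like "m"
    "newsletter@example.org",  # unrelated domain
]

if __name__ == "__main__":
    for addr, near, dist in scan_from_headers(SAMPLE_FROM_HEADERS, TRUSTED_VENDOR_DOMAINS):
        print(f"LOOK-ALIKE: {addr} resembles {near} (edit distance {dist})")
```

The normalization step matters more than the threshold: "acrneo.com" is three edits from "acmeco.com" as typed, but only one edit once "rn" is folded to "m", which is exactly the confusion the attacker is counting on. Tune `max_distance` against your own vendor list, since very short domains will produce false positives at distance 2.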
With governments increasingly focused on monitoring or blocking cryptocurrency payments made in ransomware cases, and given the volatile nature of the cryptocurrency market, criminal groups could turn to BEC as a more profitable cybercrime. BEC attacks commonly include other crimes, such as invoice fraud or other attempts to get businesses to wire money to the criminals.
This depends on your IT environment; however, a “defense in depth” approach gives you a good chance of defeating a threat actor, even if they manage to breach your systems or begin to socially engineer your employees. The steps below can help you better protect your business from being defrauded.
General leading practices
Microsoft 365 leading practices
Blog authored by: Dennis Labossiere and Corey Berman
Disclaimer: The KPMG name and logo are trademarks used under license by the independent member firms of the KPMG global organization.