What Is Business Email Compromise (BEC)?

TechDogs Avatar

Do you know how your mom always used to tell you not to talk to strangers? Well, she was right. Talking to strangers with malicious intentions is precise what business email compromise (BEC) attacks are about. In a BEC attack, hackers impersonate an employee of the company they're targeting and send out phishing emails that examine if they're coming from someone in the company. This can be done by spoofing an email address or even creating a fake domain name that looks like an official one. These attacks aim to access sensitive information and perform various effective hacking. BEC attacks are also called "man-in-the-email" attacks because they involve impersonating someone else to get information from a third party. So if you see an email asking for your personal information or money—especially from someone you don't know—you should proceed cautiously! Hacking attacks have many forms and can be hard to keep up with. There are phishing scams, ransomware, remote access tools, and more. There's one type of attack we've seen recently: business email compromise. If you're unfamiliar with it, BEC is precisely what it sounds like—hackers spoof an email from your company or an employee and trick someone into sending them money or information. The bogus invoices scheme is one of the most common BEC attacks. That's when attackers request fund transfers and final payments into their accounts. They do this by impersonating executives or leadership at the company to get employees to send them money under pretenses. In addition to executive fraud, attackers can spoof an attorney or some outside party requesting sensitive information—like intellectual property or trade secrets—to use that information for financial gain later. What is the best way to protect yourself against BEC attacks? Keep track of your receipts! If you think something looks off about an invoice, check with your supervisor before sending any money anywhere!

TechDogs Logo

Related Terms by Cyber Security

Cellular Automaton (CA)

Cellular automatons are not entirely cellular, quiet, and wholly atomic. They are the best of all worlds when you take the three fields mentioned above, study and play with them as any good scientist would. A cellular automaton (CA) is a system of many cells linked together using those cells' specific order and states. The goal is to change how each cell is ordered through repeated steps in an algorithm. The rules determine how cells change conditions over time. This happens multiple times until the CA stops changing and has reached an end state. Cellular automatons are many mathematical models studied in physics, computer science, social sciences, and other fields. Many natural phenomena, such as snowflakes, tree growth, and fire, inspire them. Cellular automatons are of interest for many reasons. One of them is that they are a non-linear model of physical phenomena. Given the same initial conditions, their outcomes may differ depending on the ruleset, much like non-linear differential equations. Another reason is that their rule sets are often simple enough to be implemented in a computer, allowing in-silico experimentation. Finally, some cellular automatons are used in modeling social and technological phenomena. If the number of ON neighbors exceeds the number of ones, the cell changes its state to ON; if the numbers are reversed, it changes its state to OFF. These rules are self-executing and do not require any external input. Depending on the number and placement of cells, it is possible to construct a variety of interesting CA with various properties and behaviors. The most common rule for a one-dimensional grid is for updating each site (i.e., each grid cell) independently, based on the values of its current neighbors. Cellular Automaton is exciting and intriguing. They're easy to understand but hard to predict. You'll need to sit down with a cup of coffee and think deeply about how they work to start seeing their beauty. Primarily though, they're fun.

...See More

Cipher Block Chaining (CBC)

Are you prepared to "chain" yourself to the subject of Cipher Block Chaining (CBC)? It's a method of encrypting information that's used to help keep data safe, and despite how dull it may sound, it's pretty fascinating! CBC, or "block chaining," is a method for encrypting data. This method gets its name because it operates by first dividing the data into blocks and then chaining them together. The output of one block is used as the input for the subsequent block, meaning each block must be encrypted using a unique secret key. Because of this, it is significantly more difficult for potential attackers to decode the data since they would need to crack the encryption for each block in the chain. The CBC algorithm needs to be foolproof, as it has weaknesses that can be exploited by malicious actors, such as when they use padding attacks or other similar techniques. But in general, it is a reliable method for encrypting data. It is used extensively in various contexts, including SSL/TLS protocols, virtual private networks (VPNs), and disc encryption. You may be questioning why we must use encryption in the first place. Consider all the sensitive information, like credit card numbers, login credentials, personal messages, and more, that we send and receive over the internet. If someone with bad intentions were to obtain access to such information, they could put it to any number of unethical uses if they so chose. Even if unauthorized parties receive our data, encryption can ensure that it will remain secure and confidential. Cipher Block Chaining may not be the most exciting topic, but it is crucial for everyone who cares about security and privacy. That is all there is to it, folks; I hope you found this information useful. #CBC #Encryption #Cybersecurity #DataPrivacy #SSL #TLS #VPN #DiskEncryption

...See More

Carrier IQ

If your phone company knows more about you than you do, it's probably Carrier IQ. Carrier IQ is a company that provides analytics software to various telecom providers. They've developed programs that offer information about smartphone users to cellphone carriers, like what apps they use, how often they use them, how long they spend on them, and even where the user is using them. The problem with this is that there needs to be a way for an average user to know whether or not her carrier has installed these programs on her phone. Even if she knows that her page uses the Carrier IQ program, she cannot opt out of it or stop it from collecting data about her activities and movements. The fact that this kind of information is being collected without our knowledge or consent raises serious privacy concerns—yet we have no say in whether or not our carriers can do this. Privacy advocates are up in arms over the Carrier IQ scandal, which involves a company collecting performance data on smartphone users. Carrier IQ gathers performance data, tracking and logging what users do on their phones. This can include calls made, texts sent, and emails received. While this is not necessarily an invasion of privacy in terms of content (e.g., Carrier IQ does not have access to the actual content of phone calls), it does present a risk to user privacy because it allows third parties access to information about whom you called or texted, whether you're using your phone to browse the web or send emails, etc. The issue came to light when reports revealed that Carrier IQ had collected information about users' phone activity without their knowledge or consent. It was reported that some phones were even sending data from users' text messages directly to Carrier IQ without permission from the device's owner!

...See More

Join Our Newsletter

Get weekly news, engaging articles, and career tips-all free!

By subscribing to our newsletter, you're cool with our terms and conditions and agree to our Privacy Policy.

  • Dark
  • Light