How to Improve AML in iGaming
![How to Improve AML in iGaming](https://assets.cdn.seon.io/uploads/2022/06/aml_in_igaming_illustration.png)
by Sam Holland
Business email compromise (BEC) attacks can be a major risk to businesses’ finances and reputations.
According to the FBI’s 2020 Internet Crime Report, 2020 alone saw 791,790 complaints of suspected internet crime – an increase of more than 300,000 since 2019. Reported losses in 2020 exceeded $4.2 billion. The report states that these victims mostly lost their money to BEC scams.
Thankfully, as BEC attacks are often a product of human error, many can be avoided with due diligence and training – both of which can be enhanced with the right fraud prevention tools.
Let’s look at what business email compromise attacks are and explore some of the many ways you can combat them.
A BEC attack is when a fraudster gains unauthorized access to a business’s account. The most damaging form of BEC is account takeover (ATO) attacks. Fraudsters use manipulation tactics such as email-based phishing or take advantage of leaked company data to gain access to – and take over – one or more of the business’s accounts. BEC is also often carried out by a fraudster impersonating a member of the target organization, especially someone senior such as an executive.
In other cases, a senior staff member might be targeted through channels such as messenger services, phone calls, or via social media. One telltale sign that something is amiss is that such communications will always request sensitive information. It’s worth noting here that you can always act on your initial suspicions by running a quick email lookup against an address associated with a dubious message. Check out SEON’s address lookup widget below to see this approach in action.
Business email compromise attacks are carried out in many ways, examples of which we’ll cover below. Despite its versatility, BEC invariably involves the misuse of compromised login credentials, with the aim of accessing sensitive information located in various business accounts (not just email inboxes – fraudsters also target intranet documents, HR records, and plenty of other sensitive archives).
One use case of BEC is when fraudsters use compromised data to trick staff into providing further information, such as their bank details or company secrets. Fraudsters may do this by impersonating the organization’s CEO (check out the CEO fraud section below to learn more about this).
Accordingly, BEC is not just limited to account takeovers and identity theft, but can also be a means for fraudsters to become imposters looking to subject the target company to further data breaches.
BEC is wide-reaching because it’s accessible to many fraudsters and its purpose is broad: Fraudsters use it to exploit company infrastructures with stolen login credentials and account takeover attacks. As such, there are many examples of how BEC can be carried out. Let’s take a look at some of the key ones.
An email data breach compromise is simply an instance of sensitive information being leaked or stolen due to the use of either email-based phishing or email-based hacking, such as the use of a trojan horse or other malware infection.
While there are many methods and consequences of a business email compromise, an email data breach compromise occurring in a business is essentially the result of a successful BEC.
A vendor email compromise (VEC) is when a fraudster focuses their BEC attack on a supplier, such as an online seller of office stationery. There are two main ways they can carry out a VEC: By impersonating the vendor or by impersonating the vendor’s customer or contact.
Such impersonations can be achieved by account takeover (ATO) or simply by the fraudster claiming to be the email contact through false credentials, such as a fake but convincing email address. This is often achieved with subtle character changes: Consider how much TheRealDeal1@gmail.com looks like TheRealDealI@gmail.com to an unsuspecting reader, for example.
Tricks like this mean a fraudster can get away with asking the vendor’s customer to send such payments as “updated subscription fees”; or, on the other side of the fence, they can pretend to be a customer who “never received the products they paid for” and ask for a refund.
Discover SEON technology and how it can help any business make better decisions, boosting safety and growing without risks.
Ask an Expert
CEO fraud is a catch-all term for the exploitation of the account of a high-ranking organizational official, such as a CEO or an investor. This exploitation can be based on subjecting the official to an account takeover, such as by manipulating them into providing their account credentials; or, simply impersonating them as a means to commit a social engineering-focused phishing attack.
For instance, high-level staff who practice poor password hygiene – or have been tricked into providing their login details – are likely to be targeted, and they’re also likely to have sensitive information. Fraudsters look out for people who fit such a profile.
Knowing that more junior staff members will likely jump to give one of their senior bosses the information they request, some fraudsters make an email address that looks almost identical to the real official’s address and try their luck with demands for money, data, and so on.
Here are some of the major BEC pitfalls – namely the financial, reputational, and employee engagement issues – that may arise, alongside some associated statistics:
While each and every organization will have different approaches and setbacks when faced with BEC attacks, the fact remains that business email compromise brings significant damages to the finances, trust, reputation, morale, and overall employee engagement of your business.
BEC attacks can largely be carried out solely using social engineering attack-based phishing attempts. This means many instances of BEC can be prevented by mitigating human error through staff training. Alongside this, there is the need to use software best practices such as multi-factor authentication to reduce account takeover and other online impersonation attempts.
Here’s a closer look at the preventative measures:
It is important to remember that BEC attacks are like many other cyberattacks: The best way to prevent them is by making sure you’re safe online. Limiting human error with training and optimizing your equipment with the best software will reduce the chances of business email compromises considerably.
The key is to ensure your business’s internal IT infrastructure is optimized to ensure the necessary checks and security measures are in place, especially if your organization uses a proprietary internal network. Maintain anti-virus software, as many BEC attacks trick email recipients into downloading malware – and always contact your email provider if you suspect or encounter a BEC attack.
The below infographic shows a seven-part, step-by-step approach that can, at best, enable your staff to prevent BEC attacks and, at worst, mitigate the effects of such attacks:
To elaborate, the first two steps are to ensure your email account activity is protected by the most basic security activities: Changing your email password and making sure your device is protected with MFA. To fend off your most recent attacker, this should be done immediately.
Afterwards, it is time to ask yourself how this could have happened in the first place. Checking your sent items and deleted folders will help you answer this question by showing that you or a co-worker have contacted suspicious contacts – or even overlooked threatening emails altogether by deleting them without reporting them. This is how you attempt to identify suspicious activity. Doing this will make a similar attack far less likely in the future.
Similarly to the importance of keeping your MFA use up to date, you will benefit from acknowledging an unfortunate truth: Aside from your work email account, your recovery email account may have been compromised as well. This is why you should also update your account recovery information.
Bear in mind that many people have more than one email address nowadays, such as their work and personal accounts. The best way to be safe online is to make sure you change the password to both. Password data breaches are common, and compromised email could lead to further intrusions, especially if the incident led to an account takeover (ATO).
The final two points won’t just help you combat business email compromise but are likely to help with other security-focused tasks too. By running an antivirus scan on your affected device(s) and reporting the incident to your email provider, all involved parties will be better informed about how best to protect you if the problem arises again.
Improve your risk management with SEON’s real time data enrichment tools
Ask an Expert
All SEON features are there to reduce your chances of encountering various forms of cyberattacks, including BEC attacks. The major ways SEON achieves this are through its user activity monitoring capabilities.
User account monitoring is the process of analyzing users’ actions (such as unusual login schedules) and behaviors (such as when users suddenly access features they don’t usually use). SEON’s user account monitoring helps identify potential signs of unauthorized access and other fraudulent behavior.
Meanwhile, SEON’s IP lookup tool allows users to enter an IP address that they wish to scrutinize. SEON will then quickly provide login information, such as location data, for you to gauge whether the account connected to the address appears to be legitimate.
Let’s take a closer look at some ways that SEON’s user activity monitoring and IP lookup capabilities can help combat BEC attacks:
SEON’s user activity monitoring and IP lookup capabilities combined help you determine whether certain users and email contacts should be treated with caution.
Sources
Related Articles
User Activity Monitoring Explained: Examples, Legality, and Tips
Showing all with `` tag
Get anti-fraud and compliance insights and tips from SEONs experts.
Sam is SEON's Fraud Content Writer. He has a background in writing and editing content for a range of tech and engineering publications which has led him to gain a strong interest in cyber security. At SEON, Sam enjoys writing about cutting-edge solutions to fraud attempts and cyber attacks, such as transaction monitoring and machine learning.