Page 15 - Cyber Warnings
P. 15
BEC and Socially Engineered Attacks Are on the Risk
There is no doubt, criminal attacks using carefully created and carefully targeted emails
are on the rise.
The FBI recently reported that global losses related to these Business Email
Compromise (BEC) scams experienced a 270% increase from January 2015 to April
2016. These kinds of attacks do real damage.
Billions of dollars have been stolen through these schemes, directly affecting
corporate bottom lines.
Sophisticated attacks, like the one described above succeed because they combine three
critical elements to create legitimacy....
(1) The "sender" is known and trusted.
(2) The emails are sent to logical recipients
(3) They originate from a seemingly trusted email domain
The most effective attacks originate from a domain that is a close variant of a company’s actual
email domain. (Instead of XYZ.com, they’ll register XYZ.biz, or XYZ-finance.net).
Cybersquatters register domains like those every day.
To turn a cybersquatting domain into a spear phishing platform, a potential phisher
activates the domain’s MX record. CISOs take note -- the MX record is the key to
proactive BEC defenses.
An MX record is a type of resource record in the Domain Name System that specifies a mail
server responsible for sending and accepting email messages on behalf of a recipient's domain,
and a preference value used to prioritize mail delivery if multiple mail servers are available.
An active MX record allows a domain to communicate with other emails domains to send and
receive messages. It also can help security professionals predict when an attack may be
imminent.
Use MX Records to Proactively Detect Threats
All CISOs who are worried about increased enterprise or institutional risk from spear phishing or
BEC attacks should immediately begin monitoring, or engage a partner for proactively
monitoring the internet for similar domains, especially for similar domains with active MX
records.
15 Cyber Warnings E-Magazine – May 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
