“The best way to stop these [BECs] is to switch on DMARC with the strongest policy (“p=reject”) as default.” – Phil Muncaster (Infosecurity-Magazine) Phil Muncaster shares this advice – which could help protect against a Business Email Compromise (BEC) scam – in his article on the uncovering of information that… Continue Reading DMARC: Defenses against Business Email Compromise Attacks

In an article last week, we highlighted the case of a Dutch firm that lost €19m ($21m) to a Business Email Compromise (BEC) scam to push forward the idea of having strong security measures for preventing BEC Scams. Today, we came across the news of a (rather old) BEC incident… Continue Reading Preventing BEC Scams: Manual controls and multi-person authorization

I just came across this post by Alastair Paterson of Security Week highlighting that attackers are monetizing non-traditional methods to compromise business accounts (BEC and EAC). Alastair points at three alternative methods that are being successfully put at work: Using email credentials purchased from criminal forums, Re-trying the credentials of already… Continue Reading 7 Security Measures Against BEC You CANNOT Neglect