1
00:00:00,05 --> 00:00:03,02
- [Instructor] Because business email compromise, or BEC,

2
00:00:03,02 --> 00:00:06,03
has characteristics similar to phishing attacks,

3
00:00:06,03 --> 00:00:09,05
some of the ways to protect against it will overlap.

4
00:00:09,05 --> 00:00:11,01
In this video, I'll cover these

5
00:00:11,01 --> 00:00:12,08
as well as some unique methods

6
00:00:12,08 --> 00:00:15,06
to protect against BEC attacks.

7
00:00:15,06 --> 00:00:18,09
First, like with phishing, you can protect against BEC

8
00:00:18,09 --> 00:00:21,03
by implementing email filtering controls

9
00:00:21,03 --> 00:00:23,02
on your email server.

10
00:00:23,02 --> 00:00:26,04
This will help prevent email attacks designed to trick users

11
00:00:26,04 --> 00:00:29,02
into giving away their credentials.

12
00:00:29,02 --> 00:00:31,04
And because BEC attackers will sometimes try

13
00:00:31,04 --> 00:00:34,00
to spoof legitimate domains in their emails,

14
00:00:34,00 --> 00:00:37,06
consider configuring email protocols like SPF, DKIM,

15
00:00:37,06 --> 00:00:40,06
and DMARC to reduce this type of spoofing.

16
00:00:40,06 --> 00:00:43,07
For instance, DKIM can be used to reject emails

17
00:00:43,07 --> 00:00:46,05
where the displayed domain doesn't match the domain

18
00:00:46,05 --> 00:00:48,08
of the originating email server.

19
00:00:48,08 --> 00:00:51,07
Mike Chapple gives a good overview of these protocols

20
00:00:51,07 --> 00:00:55,01
in his CompTIA Cybersecurity Analyst+ course

21
00:00:55,01 --> 00:00:57,03
on LinkedIn Learning.

22
00:00:57,03 --> 00:01:00,06
Next, enable multifactor authentication, or MFA,

23
00:01:00,06 --> 00:01:02,09
especially on email accounts.

24
00:01:02,09 --> 00:01:04,08
This will significantly reduce the chances

25
00:01:04,08 --> 00:01:07,05
of an attacker taking control of an email account

26
00:01:07,05 --> 00:01:09,08
with just a username and password.

27
00:01:09,08 --> 00:01:12,09
Once enabled, never disable MFA.

28
00:01:12,09 --> 00:01:14,05
User security awareness training

29
00:01:14,05 --> 00:01:18,02
is another important protection against BEC attacks.

30
00:01:18,02 --> 00:01:19,06
Train users about these attacks

31
00:01:19,06 --> 00:01:22,06
and that they should be suspicious of urgent-sounding

32
00:01:22,06 --> 00:01:26,02
or unusual emails that request transferring funds.

33
00:01:26,02 --> 00:01:29,09
Show them how to spot look-alike domains used in emails.

34
00:01:29,09 --> 00:01:32,09
Teach them to confirm these financial transaction requests

35
00:01:32,09 --> 00:01:36,01
out of band, meaning through some method other than email,

36
00:01:36,01 --> 00:01:39,03
such as calling the person or meeting with them directly.

37
00:01:39,03 --> 00:01:42,02
And any change in payment instruction should be verified,

38
00:01:42,02 --> 00:01:45,04
no matter how it is sent or who it comes from.

39
00:01:45,04 --> 00:01:47,05
Another way to protect against BEC

40
00:01:47,05 --> 00:01:49,09
is to add a warning banner to emails

41
00:01:49,09 --> 00:01:52,04
coming from outside your organization.

42
00:01:52,04 --> 00:01:55,00
Marking external emails helps warn users

43
00:01:55,00 --> 00:01:57,05
that an email spoofed to look like it's from someone

44
00:01:57,05 --> 00:02:00,02
within the organization really isn't.

45
00:02:00,02 --> 00:02:01,08
Then train users to understand

46
00:02:01,08 --> 00:02:05,00
what these warning banners mean and why they're important.

47
00:02:05,00 --> 00:02:07,00
If you or someone in your organization

48
00:02:07,00 --> 00:02:09,03
is a victim of a BEC scam,

49
00:02:09,03 --> 00:02:12,08
you should contact your financial institution immediately

50
00:02:12,08 --> 00:02:14,08
and tell them what happened.

51
00:02:14,08 --> 00:02:18,05
In some cases, money transfers can be frozen or canceled.

52
00:02:18,05 --> 00:02:20,00
Next, if you're in the US,

53
00:02:20,00 --> 00:02:23,08
report the crime to your local FBI field office.

54
00:02:23,08 --> 00:02:25,01
If you're outside the US,

55
00:02:25,01 --> 00:02:28,05
contact your equivalent law enforcement agency.

56
00:02:28,05 --> 00:02:31,00
Also, if you're in the US, file a complaint

57
00:02:31,00 --> 00:02:35,05
with the FBI's Internet Crime Complaint Center at ic3.gov.

58
00:02:35,05 --> 00:02:37,09
Business email compromise is a growing problem

59
00:02:37,09 --> 00:02:40,03
on the cybersecurity threat landscape.

60
00:02:40,03 --> 00:02:44,01
Take the steps described in this video to reduce the chances

61
00:02:44,01 --> 00:02:46,09
that you or your organization will become a victim

62
00:02:46,09 --> 00:02:49,00
of a BEC attack.