Business Email Compromise Attacks

A group of employees working on computers

Business email compromise attacks are a specialized form of phishing.

These attacks are carefully orchestrated and carried out by highly informed and well-trained attackers.

Where general phishing attempts cast a wide net hoping one of your users makes a mistake, BEC attacks target a specific member of your organization, stealing their identity and using it to manipulate and deceive others.

These attacks follow a discrete set of steps and InQuest® has tailored its security solutions to disrupt and counter BEC attacks at every level.

A computer

The Anatomy of a BEC Attack

Web icons

Step #1: Reconnaissance

BEC attacks begin long before any contact is made with your network or your people.

They start with a sophisticated research and recon program that draws on publicly available information about your organization and your people. Information from your website, social media, news sources, or wherever your organization and your people have been mentioned.

From this information, the attacker builds a strategic phishing campaign that targets executives or trusted business partners.

Halt the attack before it begins with Threat Intelligence.

InQuest’s Threat Intelligence capabilities draw on a wide array of sources, both public and private. It constantly updates its intel pool from the cybersecurity community, think tanks, and its own internal discoveries.

That means your organization will be armed with an ever-growing, constantly updated list of known attackers, malicious domains, compromised attacks, and social/behavioral patterns before cybercriminals make their move.

When an attacker does make contact with your organization, that intelligence is ready and waiting to stop the attack cold.

InQuest platform feature

Step #2: The Phishing Attack

Now that the attackers have collected publicly available information and formulated their attack plan, the phishing begins.

The attackers send specific, thoughtfully-crafted emails to employees, often impersonating an executive or supervisor. These emails are made to appear legitimate and urgent and can request anything from financial transfers to seemingly innocuous responses.

The goal of these emails can be a quick money grab, or to gather social and behavioral information for a much larger, higher-value attack.

Identify phishing attacks in progress with real-time behavior analysis.

InQuest’s solutions carry out a continuous battery of behavioral analysis techniques. From internal and external relationship building to advanced content analysis and profiling, InQuest helps you create a baseline of normal communications that is continuously analyzed to produce unique behavior patterns for every account, all in real-time.


Step #3: Compromised Credentials and Email Spoofing

If a member of your organization does fall for a phishing attempt, their credentials may be compromised. The attacker may now have access to, or control over, that member’s email account and other connected systems.

The attackers will now begin to impersonate the affected user by sending fraudulent emails to colleagues, clients, partners, and vendors asking for financial information or other sensitive data.

Sophisticated attackers may even use social engineering to conveniently mimic the target’s behavior, or to create high stress or urgent situations in the hopes of tricking someone into leaping without looking.

Network Threat Analytics continuously learns from the global cybersecurity community to identify suspicious behavior.

InQuest combines its continuously updated threat intelligence with a continuous analysis of your organization’s network to quickly spot known patterns of behavior. As new attacks are uncovered and monitored by the wider cybersecurity community, that information is automatically put to use within InQuest’s solutions.

The result? Continuous monitoring that learns not just from what happens on your network, but from networks around the world.

InQuest Data
A man with glasses

The Final Stand: Customizable Email Banners

No matter how sophisticated or complicated the attack, InQuest is ready with layer after layer of protection for your organization, but at the end of the day, the final step in the business email attack chain is your end users.

Advanced threat detection, comprehensive behavioral analysis, world-class threat intelligence – InQuest has the tools and the resources your SOC team needs to fight business email compromise attacks every step of the way, but we also educate and empower your end users to defend themselves with customizable email banners.