Aug 26 2022

How to Protect Your Small Business From Personalized Cyberattacks

Category: Cyber Attack
DISC @ 10:50 am

Small businesses (SMBs) are increasingly targets of cyberattacks and are often financially devastated by a single successful attack. Even with a significant network of security tools in place, SMBs can be caught off guard by the increasing number of attack methods threat actors choose to employ. However, with the following information, SMBs can safeguard their business and their employees from two common attack types: executive impersonation and business email compromise (BEC).

One of the most crucial things to watch out for is executive impersonation, which can start with a spear phishing attack on a key member of the executive team. A successful initial attack will lead to the compromise of the individual’s phone number or email account, providing a threat actor with both a window into internal events and a means to request funds transfers or carry out other financial theft. Interestingly, once successful, the threat actor may also monitor the same executive’s social media accounts and wait until they are on vacation or out of the office before making first contact.

This social media monitoring is not directly part of the attack vector; however, it is an effective surveillance tool.

Identify Attacks

These types of phishing attacks are on the rise because they rely on human error rather than software or operating system vulnerabilities. Mistakes by well-intentioned employees are less preventable and predictable, but they can be identified and thwarted if recognized quickly. WMC Global recommends companies employ a service that monitors for active phishing attacks and for client interaction or compromise. Thus, when an employee in a business makes a mistake and visits a malicious site or provides credentials to a thief, the event can be identified quickly and the company warned in real time.

Securing Small Businesses Against BEC Attacks

When looking to secure small companies, the importance of employing BEC alerting also cannot be overlooked. According to the FBI, in 2021 small businesses lost upwards of $2.4 billion in email scams, including BEC attacks. Why are BEC attacks so successful? The threat actors do their research and are very selective about who they target. They complete full background profiles and potentially dox their targets as well. When employees fall for these types of attacks and submit credentials, urgent action is needed to prevent damage and protect critical business systems.

So, how can small businesses protect their employees from these attacks in both the short and long term?

1. Train Your Employees. Make sure to train employees about the signs of social engineering attacks at least quarterly. Emphasize identifying and avoiding phishing attacks sent not only to the business email but also via SMS phishing messages.
2. Develop Procedures for Critical Processes. Ensure that your company has documented policies for making changes to key financial procedures, especially external payments to suppliers and partners.
3. Test Your Employees. Run simulations to ensure that your employees can identify and report both phishing and social engineering attacks.
4. Keep Travel Plans Private. Key executives should avoid exposing personal travel plans on social media, especially on overseas trips. Threat actors will take advantage of difficult and limited communications in these situations to impersonate key business executives and make requests that are hard for the company to validate effectively, which comes back to the need to develop procedures for critical processes.
5. Continue Defense Measures. Leverage special intelligence that can identify if a business employee clicks on a malicious link or that urgently notifies the company when an employee’s email or credentials are recovered from an active phishing attack.

Guarding SMBs

It’s critical for small businesses to understand that they will always be vulnerable to cyberattacks, but the above measures can provide defense for companies from threats that lead to executive impersonation and business email compromise. By following these five tips, SMBs will be well guarded against any attacks launched against their organization. Staying vigilant can be a decision that ultimately liberates a small business from threat actors and marketplace attack trends.


Tags: Cybersecurity for SMBs
