ITCPE Team

Combatting the Surge of Pretexting Attacks: Safeguarding Against Business Email Compromise (BEC)

The prevalence of pretexting attacks, particularly those executed through Business Email Compromise (BEC), has witnessed a substantial rise in 2023. This article delves into the alarming findings of the Verizon 2023 Data Breach Investigations Report, highlighting the financial implications and emphasizing the importance of training employees to recognize and thwart these attacks.

The Magnitude of Pretexting Attacks:
According to the Verizon report, pretexting attacks have nearly doubled in 2023. Out of the 16,312 data security investigations conducted, a staggering 5,199 confirmed breaches were identified within the past year. Significantly, 74% of these breaches were attributed to human actions, with a striking 97% motivated by financial gains. Business Email Compromise emerged as the leading attack vector, accounting for over 50% of the documented attacks. Shockingly, each successful BEC attack resulted in an average theft of $50,000.

The Costly Consequences:
For more invasive system compromise attacks, the financial toll is even more significant. Disturbingly, over 95% of these attacks resulted in business losses ranging from $1 million to $2.25 million. The financial burden associated with remediation and recovery efforts following a successful attack far exceeds the investment in proactive employee training to prevent such incidents.

Understanding Pretexting:
Pretexting can be categorized as a deceptive form of phishing, wherein cybercriminals gain the trust of employees by assuming false identities, such as vendors, business partners, or coworkers. These attackers exploit various scenarios to manipulate employees into taking actions that compromise security. Some common examples of pretexting include:

1. IT Team Member Impersonation: Criminals pose as IT personnel and persuade employees to download malicious software under the guise of system maintenance.
2. Executive Requests for Gift Cards: Fraudsters impersonate senior leaders or executives, requesting employees to purchase gift cards for clients or company promotions. Subsequently, they seek the gift card codes for immediate distribution.
3. Redirection of Deliveries: Criminals request the alteration of regular deliveries to a new address.
4.Vendor Payment Resolution: Cybercriminals, masquerading as vendors, request credit card information to resolve purported payment problems.
5. False Bank Employee: Attackers pretend to be bank employees, seeking account access to address fictitious issues.
6.Coworker Test Messages: Fraudsters send text messages with innocuous content like "Let me know if you get this text," aiming to establish communication.

Combatting Pretexting Attacks:
To mitigate the rising threat of pretexting attacks, organizations must prioritize employee training on cybersecurity and pretexting awareness. While employees with access to critical company resources should receive focused training, it is essential to extend this education to every member of the workforce. By cultivating a vigilant and informed workforce, organizations can build a robust defense against pretexting attacks.

Key preventive measures include:
1. Reinforce Vigilance: Continually remind employees to exercise caution and skepticism when encountering unfamiliar or suspicious requests. Encourage them to pause, evaluate, and verify any unusual or unexpected communications with trusted colleagues.
2. Remote Employee Training: Pay special attention to training remote and hybrid employees who work outside the traditional office environment. This segment is particularly vulnerable to pretexting attacks, necessitating comprehensive awareness programs.
3. Establish Clear Protocols: Define guidelines for instances where IT personnel need to work with employees remotely. Provide employees with reliable channels to verify the authenticity of requests and establish communication with trusted coworkers.
4. Mind Online Disclosure: Encourage caution when sharing company and employee information online. Criminals exploit publicly available data, such as staff pages and press releases, to enhance the credibility of their pretexting attempts.
5. Foster a Culture of Security: Instill a culture of cybersecurity within the organization, emphasizing the importance of proactive measures, reporting incidents, and ongoing training initiatives.

In conclusion, as pretexting attacks continue to escalate, organizations must recognize the criticality of preemptive measures. By investing in comprehensive employee training programs, organizations can fortify their defenses against pretexting and protect their valuable assets from BEC attacks. Awareness, vigilance, and a security-conscious workforce are paramount in the ongoing battle against these evolving cyber threats.

Share this page: