Content, Content

Business Email Compromise Research: Top Hacker Threat for 1H 2021


Hackers still favor email as their vector of choice and business email compromise (BEC) as their go-to tactic for infecting organizations worldwide, said Zix, a cloud email security provider, in its newly released 2021 Mid-Year Global Threat Report.

For MSPs and MSSPs, the report highlights the need for multi-layer security that extends beyond endpoint detection and response to include email, network, cloud and other capabilities, MSSP Alert believes.

In a BEC scam, hackers send an email message that impersonates a known source making a legitimate request, such as a recognizable vendor sending an invoice with a new address. C-suite occupants are the favored targets but any employee can be tripped up by the ruse.

During the first half of 2021, the Dallas, Texas-based security specialist said it observed cyber attackers leveraging real web certificate data to customize their capabilities, a development it had not previously seen, in addition to more sophisticated diversion and disguise techniques, such as using CAPTCHA technology to skirt detection and using legitimate services to hide their malevolent intentions.

Business Email Compromise (BEC): Three Research Findings

Three key takeaways from the study:

  1. Customized phishing attacks rising: Phishing attacks have increased in volume between Q1 and Q2 and become more advanced, with campaigns tailored to fit targeted users through the use of CAPTCHAs and web certificate data. Websites like Spotify and DocuSign were among the many used to draw in users.
  2. New attack trends: Email threats have increased throughout the first half of 2021, with 2.9 billion quarantined by Zix through June. URL and text-based attacks rose consistently throughout the first half of the year, while email-based attacks decreased in the first five months before sharply increasing in June.
  3. Business email compromise top tactic: Zix found businesses to be most vulnerable and sought after by attackers. Hackers monitor conversations from inside a compromised account before sending more customized messages in an attempt to steal financial information or credentials.

“Companies cannot wait for potential threats to emerge but must proactively identify security incidents that may go undetected by automated security tools,” said Troy Gill, Zix’s research manager. “As we enter into the back half of the year, we will continue to see phishing, business email compromise and ransomware attackers become more sophisticated and bad actors asking for higher bounties to release data they have compromised.”

BEC: Additional Research Findings

Other studies have also found BEC to be one of the most insidious and financially damaging online crimes, scamming roughly three times as many organizations as malware and slightly more than spear phishing, according to a recent GreatHorn survey of 270 IT and cybersecurity professionals.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.