A business email compromise attack is a method malicious third parties use to gain access to company networks. They do so with a mixture of social engineering and phishing, attempting to steal credentials to penetrate infrastructure. As with phishing attacks in general, it’s remained a consistent problem for organizations abroad, regardless of size.
However, BEC attacks are finding a “second wind.” In 2023 alone, Perception Point saw a 1000% increase in phishing email attacks targeting businesses. More than ever, companies have to fend off not only an assault of malware/ransomware attacks, but a renewed surge of BEC attempts too.
Generative AI Aiding BEC Attacks
But why the uptick in attacks? The primary culprit is generative AI. Machine learning and AI-generated content provide a blast furnace with which malicious parties can use to create countless fake messages. It’s been the perfect companion for attackers who can automate the creation of phishing messages. Since phishing remains one of the top reasons breach events occur, it makes sense hackers are eager to take advantage of a resource that can create them in a fast, easy manner.
While generative AI tools originally started as text generators and AI-based assistants, they’ve also aided malicious behavior. Indeed, a rule of thumb in the tech sector is a tool can be used for both good and bad. Generative AI has not only aided a swift automation of social engineering campaigns, it’s allowed attackers to utilize different techniques too.
For instance, according to the report Perception Point discovered a rise in QR code phishing and two-step phishing attacks. These multi-pronged attacks create a false sense of legitimacy when targeting victims, with GenAI and similar AI creation tools enhancing the process. For instance, QR codes are an easy way to directly send a recipient to a malicious link. When coupled with an AI-generated message that appears trustworthy, a victim is likelier to access the dangerous link.
To further “enhance” the capabilities of BEC attacks, hackers also deploy multi-stage prompting using legitimate business resources, visuals, and communications. Some, for example, will build false website domains to further deceive recipients of phishing attempts. And, by using GenAI, the content within these websites appears trustworthy. Because of these techniques, they’re harder to detect and prepare for.
Effectively, this has enhanced the size, scope, and capabilities of BEC attacks, making them deadlier than ever. Because phishing is difficult to detect and requires comprehensive training/scrutiny to avoid, GenAI combined with social engineering has proven a deadly combination.
Other Characteristics
As BEC attacks increase, the methods used to deploy them do as well. Brand impersonation, as mentioned, is a favored technique by malicious actors because it relies on established trust to succeed. For example, a small business might use Microsoft services for its tasks. Malicious third parties use that to their advantage by using phishing campaigns with legitimate imagery, emails, and messages. Think of it this way: you’re likelier to pay attention to an email if it appears to be a legitimate alert from Microsoft regarding accounts, passwords, or crucial data.
Technology that companies and workforces rely on to conduct operations is the precise target of BEC attacks. From vendor software to cloud computing services, they’re part of a larger IoT that GenAI-based threats take advantage of.
Protecting Against BEC Attacks
The bigger question is preparing and protecting against BEC attacks. Phishing is already a difficult challenge to contend with, and with the saturation of BEC attacks thanks to GenAI, the problem has considerably worsened.
Protecting against BEC and phishing requires a comprehensive understanding of red flags, training, and preparation. Remember that BEC is from the same philosophy as phishing and therefore follows the pattern of social engineering. The problem today is volume and its enhancements from GenAI.
Attacking this problem is a laborious process, but with the right steps, can be handled. Establishing good policies now will help your enterprise in the long term. Here are a few quick tips to keep in mind to prevent the success of BEC attacks:
·Keep a registered domain to prevent spoofing/artificial messages
·Do not open messages/emails you or your staff do not recognize unless the sender can be verified
·Establish zero-trust policies where possible
·Know the habits of workers, vendors, and business partners to track unusual requests
·Remain aware of how attackers utilize GenAI to enhance their attacks
BEC attacks can be stressful, but with some common sense and good habits, you can keep your enterprise safe.
If you’d like additional information or assistance, contact Bytagig today for more information.
