Business Email Compromise (BEC) is a Social engineering attack and one of the most likely to succeed and provide a large benefit for the attacker.
I have a recent example with a conveyancer where their email footer stated “We will not request money via email” – well in their final email requesting funds they removed this line and suggested that that is “ok”, it is not ok. I talked to him and he was adamant that removing the disclaimer is good enough, it is not!
We must learn that when transferring a large sum of money always phone the other party and confirm, always verify that you have the correct details with the receiver… always …. ALWAYS
DMARC can help to prove the sender is who they say they are but only when both sides are using it for verification, always talk to the other party.
Leave a Reply