SecureAX Workspace combines Web, Email & File Hosting for productivity & cost savings!

Blog

What is Business Email Compromise? 5 Ways to Prevent

business email compromise
Email Hosting

What is Business Email Compromise? 5 Ways to Prevent

Business Email Compromise (BEC) is an email scam that targets companies and businesses. It will normally target key executives within companies. Then, it will mislead them to wire money to an overseas bank account. It may also interfere with genuine email exchange with vendors or suppliers, by altering the banking details when it is time for your company to make payment. Let us explore the good practices to prevent your company from falling victim to BEC.

Vigilance Among Employees

Unlike malware or viruses, Business Email Compromise (BEC) is a social engineering attack. Hence, the best way to prevent BEC is to promote vigilance among employees. This way, employees will be more careful when dealing with their emails especially those that involve making payments. For instance, employees from Finance Team should always verify all payment changes and transactions in person or via a known telephone number. Do you know that there are tools to train and test your employees’ vigilance from time-to-time? Contact us to let us help you further so your employees know how to identify BEC emails!

Stronger Email Password & Enable 2FA Login

Ensure that your employees use strong email password. Strong passwords are typically at least 12 characters, a mix of letters (upper and lower case), numbers, and symbols, no ties to your personal information, and no dictionary words. Additionally, encourage your employees to change to a set of new, strong password once every 90 days.

Another way to improve email security is through the implementation of two-factor authentication (2FA) login on top of strong passwords. If you are using SecureAX Workspace or Business Email Hosting, you can easily enable 2FA within the web portal as follow:

enable 2fa on business email hosting

Prohibit Email Forwarding to External Addresses

A mistake commonly made by hardworking employees is to setup email forwarding to their personal mailboxes (external address, such as Gmail). This is a poor security practice because hackers can setup similar email forwarding without your knowledge. This enhances the hacker’s BEC attack success. Do not allow email forwarding to external addresses!

Always use SSL Encryption for Emails

SSL Encryption for email offers lots of security benefits. Among which is to enhance your protection towards BEC attacks. If you are using SecureAX Workspace or Business Email Hosting, SSL Encryption is available at no additional charges.

Use Better Security Implementations

While security implementation is a very broad topic, there are some rudimentary protections that may help reduce the chances of a BEC attack:

  1. Install a good antivirus & internet security software for your employees. We find ESET Endpoint Security to be quite reliable.
  2. Use a better email security gateway. A good email security gateway should be one that utilises artificial intelligence (AI) and combines several industry-leading email security appliances, IP reputation databases and malicious email artificial intelligence systems to provide inbound filtering accuracy.
  3. Configure Sender Policy Framework, DomainKeys Identified Mail, and Domain-based Message Authentication Reporting and Conformance to prevent spoofing and validate email. If you are using SecureAX Workspace or Business Email Hosting, this is already taken care of by us.

 

SecureAX is a Fully Managed Cloud Server provider in Singapore & Malaysia which specialises in Business Email Hosting. Contact us to find out how we can help you with better email hosting for your company!

Leave your thought here