PR Newswire
22 May 2023, 07:30 GMT+10
SINGAPORE, May 22, 2023 /PRNewswire/ -- Microsoft has released its fourth edition of Cyber Signals, highlighting a surge in cybercriminal activity around business email compromise (BEC), the common tactics employed by BEC operators, and how enterprises can defend against these attacks.
Key insights shared in this edition of Cyber Signals, a cyberthreat intelligence brief spotlighting security trends and insights gathered from Microsoft's 43 trillion daily security signals and 8,500 security experts, include:
Instead of exploiting vulnerabilities in unpatched devices, BEC operators seek to exploit the daily sea of e-mail traffic and other messages to lure victims into providing financial information or taking direct action like unknowingly sending funds to money mule accounts that help criminals perform fraudulent money transfers. Threat actors' BEC attempts can take many forms such as phone calls, text messages, e-mails, or social media outreach.
While threat actors have created specialized tools to facilitate BEC, including phishing kits and lists of verified email addresses for targeting C-Suite leaders, accounts payable leads and other specific roles, there are methods that enterprises can employ to pre-empt attacks and mitigate risk.
Vasu Jakkal, corporate vice president, security, compliance, identity, and management at Microsoft, said: "BEC attacks offer a great example of why cyber risk needs to be addressed in a cross-functional way with IT, compliance and cyber risk officers at the table alongside business executives and leaders, finance employees, human resource managers and others with access to employee records. While we must enhance existing defenses through AI capabilities and phishing protection, enterprises also need to train employees to spot warning signs to prevent BEC attacks."
To protect against BEC attacks, businesses should leverage cloud apps that utilize AI capabilities to enhance defenses, adding advanced phishing protection and suspicious forwarding detection. Crucially, businesses need to secure identities to prohibit lateral movement by controlling access to apps and data with Zero Trust and automated identity governance. Additionally, adopting a secure payment platform can reduce the risk of fraudulent activity by switching from emailed invoices to a system specifically designed to authenticate payments. Furthermore, continuous employee education plays a vital role in equipping them to spot fraudulent and malicious e-mails, such as a mismatch in domain and email addresses, as well as understanding the potential risks and costs associated with successful BEC attacks.
To learn more about the threat of BEC, read the fourth edition of Cyber Signals today. To learn more about Microsoft Security solutions and keep up with expert coverage on security matters, visit the Microsoft Security website and Microsoft Security blog.
For more information, please contact:
Microsoft Asia
Simran Singh Sethi
[email protected]
Edelman (Partner Agency for Microsoft Asia)
Ernest Lee / Farhansyah Musa
[email protected]
Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://news.microsoft.com/. Web links, telephone numbers and titles were correct at time of publication, but may have changed. For additional assistance, journalists and analysts may contact Microsoft's Rapid Response Team or other appropriate contacts listed at Microsoft Public Relations Contacts - Stories.
[1] Methodology: For snapshot data, Microsoft platforms including Microsoft Defender for IoT, Microsoft Threat Intelligence Center and Microsoft Defender Threat Intelligence provided anonymized data on device vulnerabilities, such as configuration states and versions, and data on threat activity on components and devices. In addition, researchers used data from public sources, such as the National Vulnerability Database (NVD) and Cybersecurity & Infrastructure Security Agency (CISA). The cover stat is based on Microsoft engagements in 2022. Control systems in critical environments include electronic or mechanical devices which utilize control loops for improved production, efficiency, and safety.
Get a daily dose of Asia Pacific Star news through our daily email, its complimentary and keeps you fully up to date with world and business news as well.
Publish news of your business, community or sports group, personnel appointments, major event and more by submitting a news release to Asia Pacific Star.
More InformationNew Delhi [India], July 14 (ANI): President Droupadi Murmu, graced the fifth convocation ceremony of AIIMS, Bhubaneswar, at Bhubaneswar,...
Dubai [UAE], July 14 (ANI): Madhya Pradesh Chief Minister Mohan Yadav, currently on an official visit to the UAE as part of the MP...
Dubai [UAE], July 14 (ANI): Madhya Pradesh Chief Minister Dr Mohan Yadav met industry leaders in the UAE's trade sector during his...
(250714) -- SHENZHEN, July 14, 2025 (Xinhua) -- Tanaka Kokoro (R) of Japan competes during the Group B match between Japan and the...
New Delhi [India], July 14 (ANI): Minister of State for External Affairs Pabitra Margherita, during his recent Malaysia visit, emphasised...
Dubai [UAE], July 14 (ANI): Madhya Pradesh Chief Minister Mohan Yadav, currently on an official visit to the UAE as part of the MP...
NEW YORK CITY, New York: Bitcoin surged to a new all-time high this week, buoyed by growing institutional interest and a wave of pro-crypto...
SHENZHEN, China: As global chip competition intensifies, Huawei Technologies is exploring new markets in the Middle East and Southeast...
LONDON/NEW YORK CITY: American grocery bills may be headed higher as coffee and orange juice prices face upward pressure from new tariffs...
BATTLE CREEK, Michigan: In a major consolidation of iconic food brands, WK Kellogg has agreed to be acquired by the owner of Ferrero...
WASHINGTON, D.C.: Filmmaker Peter Jackson's lifelong fascination with the extinct giant New Zealand flightless bird called the moa...
NEW DELHI, India: India has submitted a revised proposal to the World Trade Organization (WTO) in Geneva to implement retaliatory tariffs...