Phishing

Combat Business Email Compromise Scams With New Awareness Training Tools From SecurityIQ

Megan Sawle
April 6, 2018 by
Megan Sawle

Business email compromise (BEC) attacks are growing in both frequency and severity. According to the FBI, BEC attacks cost businesses $5.3 billion from 2013 to 2016 — a figure Trend Micro predicts will grow to $9 billion by the end of 2018.

BEC attacks are one of the most costly security threats facing your organization today. What’s worse, most of these attacks go undetected by technical controls because they leverage old-fashioned scam tactics to trick your workforce into transferring money or sharing confidential information. This means the best way to prevent BEC attacks is to educate your employees about how BEC attacks work.

See Infosec IQ in action

See Infosec IQ in action

From gamified security awareness to award-winning training, phishing simulations, culture assessments and more, we want to show you what makes Infosec IQ an industry leader.

Introducing SecurityIQ’s New BEC Awareness Training Resources

New SecurityIQ resources include 20 new BEC phishing templates, simulation reply tracking and a BEC awareness training module.

20 BEC Phishing Templates

Using these templates, you can send your employees realistic attack simulations to increase their awareness of BEC attacks. Attack methods simulated in the templates include:

    • Wire transfer requests
    • Fake invoice requests
    • W-2 request information
    • VPN password reset requests
    • Payroll information requests

If your employees fail the simulation, they will receive immediate supplemental training tailored to their role in your organization. This training will evolve alongside employee aptitude, keeping training relevant and engaging.

BEC Simulation Reply Tracking

This new feature tracks all replies to your BEC simulations, helping you identify vulnerable employees who need additional security awareness training. Learn how to enable this setting in the user manual.

Sensitive Data Detection

SecurityIQ reply tracking also includes pattern recognition, allowing you to determine what type of data your employees shared in failed simulations. Patterns recognized include credit card numbers, bank account numbers and social security numbers. You can store this data securely in SecurityIQ for up to 14 days, or turn off storage completely. Whatever decision you make, this tool makes it easy to track employee vulnerability to BEC scams for even large organizations with thousands of employees. Learn more about this feature in the user manual.

BEC Awareness Training Module

This interactive module describes what BEC scams are, outlines the risks of BEC attacks and provides suggestions for BEC scam defense.

Don’t Miss Our Webinar! BEC: The $9 Billion Security Threat You Can’t Ignore

To help you learn more about business email compromise (BEC) attacks and measures you can take now to protect your organization, security leaders from InfoSec Institute and DarkMatter will share practical tips for BEC threat mitigation. Join us on 4/26 at 10:00 a.m. Central (Americas) for a discussion of:

  • The anatomy of a BEC attack
  • Prevalent attack types
  • BEC prevention methods, including security awareness training

Guest speakers include:

  • Roger Sels, VP Information Security, DarkMatter
  • Jack Koziol, CEO, InfoSec Institute

Click the button below to register. As a bonus, we’ll send you a copy of our BEC e-book, Introducing BEC: The Great White Shark of Social Engineering. The e-book also includes a free BEC attack tip sheet download. It explains what BEC is, and details nine BEC attack red flags every employee should watch for.

See Infosec IQ in action

See Infosec IQ in action

From gamified security awareness to award-winning training, phishing simulations, culture assessments and more, we want to show you what makes Infosec IQ an industry leader.

Megan Sawle
Megan Sawle

Megan Sawle is a communications and research professional with 10 years of experience in cybersecurity, bioscience and higher education. Megan leads Infosec’s research strategy, leveraging study findings to mature its cybersecurity education offerings and build awareness of cybersecurity diversity and skill shortage challenges. Since joining the team, she’s directed research projects on a wide variety of cybersecurity topics ranging from dark web marketplaces and phishing kits to the Workforce Framework for Cybersecurity (NICE Framework) and the importance of soft skills in cybersecurity roles. Megan is a University of Wisconsin-Stout graduate, an avid equestrian and (very) amateur mycologist.