Business email compromise (BEC) attacks are growing in both frequency and severity. According to the FBI, BEC attacks cost businesses $5.3 billion from 2013 to 2016 — a figure Trend Micro predicts will grow to $9 billion by the end of 2018.
BEC attacks are one of the most costly security threats facing your organization today. What’s worse, most of these attacks go undetected by technical controls because they leverage old-fashioned scam tactics to trick your workforce into transferring money or sharing confidential information. This means the best way to prevent BEC attacks is to educate your employees about how BEC attacks work.
Introducing SecurityIQ’s New BEC Awareness Training Resources
New SecurityIQ resources include 20 new BEC phishing templates, simulation reply tracking and a BEC awareness training module.
20 BEC Phishing Templates
Using these templates, you can send your employees realistic attack simulations to increase their awareness of BEC attacks. Attack methods simulated in the templates include:
- Wire transfer requests
- Fake invoice requests
- W-2 request information
- VPN password reset requests
- Payroll information requests
If your employees fail the simulation, they will receive immediate supplemental training tailored to their role in your organization. This training will evolve alongside employee aptitude, keeping training relevant and engaging.
BEC Simulation Reply Tracking
This new feature tracks all replies to your BEC simulations, helping you identify vulnerable employees who need additional security awareness training. Learn how to enable this setting in the user manual.
Sensitive Data Detection
SecurityIQ reply tracking also includes pattern recognition, allowing you to determine what type of data your employees shared in failed simulations. Patterns recognized include credit card numbers, bank account numbers and social security numbers. You can store this data securely in SecurityIQ for up to 14 days, or turn off storage completely. Whatever decision you make, this tool makes it easy to track employee vulnerability to BEC scams for even large organizations with thousands of employees. Learn more about this feature in the user manual.
BEC Awareness Training Module
This interactive module describes what BEC scams are, outlines the risks of BEC attacks and provides suggestions for BEC scam defense.
Don’t Miss Our Webinar! BEC: The $9 Billion Security Threat You Can’t Ignore
To help you learn more about business email compromise (BEC) attacks and measures you can take now to protect your organization, security leaders from InfoSec Institute and DarkMatter will share practical tips for BEC threat mitigation. Join us on 4/26 at 10:00 a.m. Central (Americas) for a discussion of:
- The anatomy of a BEC attack
- Prevalent attack types
- BEC prevention methods, including security awareness training
Guest speakers include:
- Roger Sels, VP Information Security, DarkMatter
- Jack Koziol, CEO, InfoSec Institute
Click the button below to register. As a bonus, we’ll send you a copy of our BEC e-book, Introducing BEC: The Great White Shark of Social Engineering. The e-book also includes a free BEC attack tip sheet download. It explains what BEC is, and details nine BEC attack red flags every employee should watch for.