Analysis of a Business Email Compromise (BEC) Attack
- softgen-aust
- Apr 17
We wanted to share the following BEC email attack with you to demonstrate the increasing level of sophistication, especially using AI to trick employees into making the wrong decision.
Last week we received a BEC email addressed to our accounts department requesting payment for a nonexistent service, supposedly from an Australian-based legal firm. Not unusual, I hear you say.
Our staff normally hard delete these emails. However, this email was different: it was well crafted, with an attempt to legitimise the invoice by creating an email trail with emails to and from SoftGen staff.
Even to the most security aware staff member the email may have looked legitimate.
So, we took some time to investigate further, starting with a phone call to the head office of the law firm (phone number obtained from their website), only to confirm the person named in the email didn't exist.
We then decided to conduct an analysis and handed over the email to our Senior Cyber Engineer Paul, to have a closer look at the email:
Paul's findings:
1. The server and email address belonged to a legal entity in Europe.
2. The company was a medical wholesaler of both human and veterinary drugs.
3. To confirm our findings, Paul checked their email server information; the email we received passed DKIM, SPF and DMARC authentication.
4. Any replies to the email address go to an obscured email address and not to the legal owner.
Our conclusion is that either one of the medical wholesaler's staff members' PCs had been hacked and the criminal has remote access, or their email server had been compromised.
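Findings 3 and 4 can be checked together from the message headers. The following is an added example, not SoftGen's own tooling: it assumes the reply redirection is visible as a `Reply-To` header, and the sample message, addresses and domains are constructed placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every address and domain is a placeholder.
SAMPLE = """\
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=wholesaler.example;
 dkim=pass header.d=wholesaler.example; dmarc=pass header.from=wholesaler.example
From: "Legal Accounts" <accounts@wholesaler.example>
Reply-To: <billing-desk@mailbox.example>
To: accounts@recipient.example
Subject: RE: Overdue invoice

Please see the attached invoice.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def auth_results(msg):
    """Read spf/dkim/dmarc verdicts from the top-most Authentication-Results
    header. Only trust this header when your own receiving server added it."""
    header = msg.get("Authentication-Results", "").lower()
    found = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header))
    return {m: found.get(m, "none") for m in ("spf", "dkim", "dmarc")}

def triage(raw):
    """Return (auth verdicts, findings) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    auth = auth_results(msg)
    from_dom = domain_of(msg.get("From"))
    reply_dom = domain_of(msg.get("Reply-To"))
    findings = []
    if all(v == "pass" for v in auth.values()):
        # A full pass proves the sending domain, not the sender's intent.
        findings.append("spf/dkim/dmarc pass for " + from_dom)
    else:
        findings.append("authentication incomplete: %s" % auth)
    if reply_dom and reply_dom != from_dom:
        findings.append("reply-to mismatch: %s -> %s" % (from_dom, reply_dom))
    return auth, findings

if __name__ == "__main__":
    for line in triage(SAMPLE)[1]:
        print(line)
```

A message that authenticates cleanly yet routes replies to a different domain matches the compromised-account pattern described above and is worth verifying by phone before any payment is made.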
This example highlights the benefits of having access to cyber security skills, a resource not all organisations can afford. SoftGen can assist by providing the following services:
· Cyber Advice – Tele Health Check
· Security Assessments
· Security Audit – including Penetration Test
· Forensics Analysis
Our services can be offered as a consultation or short to longer term assignments.