Graphus protects against Business Email Compromise (BEC) Scams

January 21, 2020

According to the recently released Verizon 2019 DBIR report, Social Engineering and BEC Scams contributed to 370 incidents and 248 confirmed breaches. FBI’s Internet Crime Complaint Center (IC3) said that losses from business email compromise (BEC) scams reached $1.2 billion in 2018, almost double the adjusted losses of $675 million in 2017.

BEC or Business Email Compromise are scams where attackers send email messages impersonating an executive or an employee at an organization. There can be multiple ways these deceptions can occur. Some examples include Spoofed or Compromised email accounts of CEO or other executives in an organization asking other employees to transfer money. Posing as a supplier requesting to transfer funds to pay a fake invoice. Posing as a real estate agent to send money to complete a home buying process.

At Graphus we detect and prevent against these attacks on a daily basis. We accomplish this because of our superior patented technology, the TrustGraph®, which uses AI algorithms, machine learning, graph theory and EmployeeShield™.

Example of Business Email Compromise Attack

Let us dive into one such attack with and without Graphus. The example in this case is similar to an attack that we detected and prevented recently for one of our customers. An email was sent to Human Resources from the CEO (spoofed email address) to change the bank account and routing information of the direct-deposit of a paycheck into a different account.

These attacks are successful because they are not directly asking for money rather change bank information. These are straight-forward well crafted emails without grammatical errors. Unfortunately they are easy to setup using any free email provider. After easily passing through the signature based traditional email security systems, they can trick the recipient regardless of how much security training they have gone through.

This is how the email would look to the recipient without Graphus.

However, here is how the email looks with Graphus protecting the organization. The difference is EmployeeShield™, the interactive warning banner that gets inserted into an email Graphus detected as suspicious. EmployeeShield™ alerts the recipient and is compatible with desktop or mobile devices. The interactive buttons let the recipient report the email to the security team for further investigation. Thanks to the EmployeeShield™ this scam was caught and prevented in time.