Attack Vectors

Business Email Compromise (BEC) Attack

BEC attacks are on the rise in both frequency and damage. The FBI says that between June 2016 and July 2019 it received more than 165,000 reports of email compromise with total losses of over $26 Billion. Learn how Perception Point prevents the rising threat of BEC attacks.

BEC: Targeting the Weakest Security Link

Impersonation-based attacks are a growing challenge as attackers are leveraging the fact that in the fast-paced modern enterprise, employees are the weakest link in the security chain. Distracted and easily accessible, attackers are simply tricking them into making mistakes.

 

While legacy security systems have been developed over many years to prevent malicious files and URLs, the trouble is that all or part of most BEC attempts are text-based and do not contain a malicious payload. Rather, they leverage well-researched and sophisticated social-engineering techniques to slip by the unsuspecting user, making traditional email security solutions irrelevant.

The BEC Kill Chain for Email Spoofing

Step 1

Reconnaissance and Weaponization

Attacker targets a company and its executives in order to impersonate them or their brand (e.g. creates fake domain that looks very similar).

Step 2

Delivery

Attacker transmits emails that impersonate company personnel to other company users.

Step 3

Exploitation

Users interact with fake emails and act according to attackers’ instructions.

Step 4

Actions on Objective

Attacker obtains personal and business information or gains financially due to deceiving users.

Our Anti-BEC Technology

Perception Point developed unique algorithms aiming specifically to prevent any type of impersonation technique, including the CEO Fraud, the Lawyer Fraud, the Fake Invoices, and more.

 

The Machine Learning-based technology inspects all relevant data and metadata to identify any deviation from standard operations and to detect suspicious content well ahead it reaches the end user which might be tricked to act wrongfully.

Our Advantages

Advanced Anti-Spoofing Engines

Laser focused engines against spoofing attacks, such as IP reputation, SPF, DKIM and DMARC record checks, as well as Machine Learning algorithms.

Holistic Threat Prevention

Market leading detection of all types of impersonation attacks executed via malicious files, URLs and
social-engineering techniques.

Scanning 100%
of Traffic

We detonate and dynamically check every single bit of content – emails, files, URLS – to guarantee security at any scale and not letting one email go past unscanned.

Next Gen
Anti-evasion

Proprietary engines reveal embedded flies and URLs to deeply scan content and prevent evasion techniques.

TALK TO SALES

Ready to Try
Perception Point?

Learn More