BEC FRAUD

StopClone is able to eliminate BEC fraud before it happens. Included in packages 2, 3 and Blue Chip.

BEC  (Business Email Compromise)  Fraud,  is  on  the  rise,  with  small  to medium-sized  enterprises  (SMEs)  losing  an  average  of  £37,000.

BEC  attacks  are  increasingly  popular  with  cyber  criminals  to  steal money  and  information  as  well  as  spread  malware,  a  recent  report  by  our  researchers  revealed  the  top  objective  of  such  attacks  being  to  trick  recipients  into  transferring  money  into  accounts  controlled  by   cyber criminals.  Attackers  typically  compromise  the  email  accounts  of   CEOs  and  other  top  executives  so  those  accounts  can  be  used  to   send  messages  to  more  junior  staff  members,  tricking  them  into  taking  some  action  by  impersonating  the  email  account  holder.

CEO fraud

In  this  instance,  attackers  will  pose  as  a  company  CEO  or  other company  executive  in  an  attempt  to  fool  any  level  of  employee — from  intern  to  an  accountant  to  human  resources  and  everything  in between  — into  executing  unauthorized  wire  transfers  or  sending  out confidential  tax  information.  Often,  there  can  be  crossover  here  into social  engineering  attacks,  which  use  psychological  manipulation  to trick  people  into  divulging  confidential  information  or  providing  access to  funds.

Usually,  CEO  fraud  phishing  emails  are  social  engineering,  but  they  sometimes  can  be  spear-phishing  attacks  (that  is,  the  attacker  spoofs  the  CEO  asking  an  employee  to  download  a  file).

Account compromise

As  mentioned  above,  one  of  the  biggest  goals  for  cyberattacks  is  account  takeover.  This  is  one  of  the  most  devastating  forms  of  BEC attacks  and  involves  using  phishing  emails  to  hack  an  executive  or employee  account  and  then  uses  those  qualifications  to  request  invoice  payments  to  vendors.  Interestingly,  this  dovetails  with  reports that  more  than  56%  of  organizations  report  falling  victim  to  a  breach caused  by  their  vendor.

Account  takeovers  may  not  be  seen  as  destructive  as  ransomware  or malware  attacks, but  they  can  cause  huge  financial  loss  to  companies. They  also  almost  always  start  with  a  social  engineering attack,  asking  recipients  for  unspecified  tasks  or  for  compromising information.  Then  criminals  often  lurk  for  months  undetected  in  the back  end  of  systems,  learning  communication  patterns  they  can  later exploit.  This  ecosystem  is  clearly  still  extremely  vulnerable  to  hacking and  phishing  attacks,  leaving  a  ripe  opening  for  cybercriminals  to  abuse.

False invoice scheme

This  is  one  of  the  top  five  major  types  of  BEC  scams.  These  attacks commonly  target  someone  who  works  in  a  business’s  financial department,  such  as  an  accountant.  Savvy  attackers  will  alter  a legitimate  invoice’s  bank  account  numbers  but  leave  the  rest  of  the invoice  unchanged,  making  it  difficult  to  detect  that  it’s  fraudulent.  The possibilities  from  there  are  numerous:  Some  attackers  increase  the payment  amount  or  create a   double  payment, among  many  strategies.

However  it  happens,  the  false  invoice  scheme  involves  using  phishing emails  to  impersonate  the  accountant,  the  vendor,  or  both.  These techniques  are  replicable  in  other  prominent  billing  schemes,  such  as creating  shell  companies  or  making  fraudulent  purchases  with organizational  funds.

10+

YEARS OF EXPERIENCE

1200+

CLIENTS IN THE UK

45+

PROFESSIONAL STAFF MEMBERS

1000+

TAKEDOWNS PERFORMED

  • Purchase your selected security service

    Step 1

  • Speak with your account manager

    Step 2

  • Account activated. You are secured

    Step 3

SERVICES

DOMAIN MONITORING
DMCA TAKEDOWN
BRAND ABUSE PROTECTION
HUMAN VERIFICATION
PERSONAL ACCOUNT MANAGER
BEC FRAUD/IMPERSONATION PROTECTION
CEO FRAUD PROTECTION
BRANDJACKING PROTECTION
SOURCE CODE PROTECTION
PHISHING PROTECTION
SOCIAL MEDIA CLONING
DARKNET MONITORING
MESSAGING
BESPOKE SERVICE
Level 1

£999

per year

-
-
-
-
-
-
-
-
-
Level 2

£1,499

per year

-
-
-
-
-
-
-
Level 3

£1,999

per year

-
-
-
-
Blue chip

£4,999

per year

Level 1

£999

per year

DOMAIN MONITORING
DMCA TAKEDOWN
BRAND ABUSE PROTECTION
HUMAN VERIFICATION
PERSONAL ACCOUNT MANAGER
Level 2

£1,499

per year

DOMAIN MONITORING
DMCA TAKEDOWN
BRAND ABUSE PROTECTION
HUMAN VERIFICATION
PERSONAL ACCOUNT MANAGER
BEC FRAUD/IMPERSONATION PROTECTION
SOURCE CODE PROTECTION
Level 3

£1,999

per year

DOMAIN MONITORING
DMCA TAKEDOWN
BRAND ABUSE PROTECTION
HUMAN VERIFICATION
PERSONAL ACCOUNT MANAGER
BEC FRAUD/IMPERSONATION PROTECTION
CEO FRAUD PROTECTION
SOURCE CODE PROTECTION
PHISHING PROTECTION
SOCIAL MEDIA CLONING
Individual

Price

on request

DOMAIN MONITORING
DMCA TAKEDOWN
BRAND ABUSE PROTECTION
HUMAN VERIFICATION
PERSONAL ACCOUNT MANAGER
BEC FRAUD/IMPERSONATION PROTECTION
CEO FRAUD PROTECTION
BRANDJACKING PROTECTION
SOURCE CODE PROTECTION
PHISHING PROTECTION
SOCIAL MEDIA CLONING
DARKNET MONITORING
MESSAGING
BESPOKE SERVICE

StopClone is a trading name of Kazton Limited. Registered office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ. Registered in England and Wales No. 13064232. VAT No. GB370189393. Phone: +44 (207) 1172812. Email: support@stopclone.co.uk.