Logically's March Newsletter
You Spoke, We Listened
Last month we launched a survey to understand what you wanted to see more of in our newsletter...
Result: 50% said more tips and best practices
So moving forward, that's what you'll see. Our goal is to make sure you are getting valuable content that applies to your business. If there is a topic you want covered, please email marketing@logically.com and we will ask our experts.
[The Logically Lowdown]
Inside Information from Our Team of Experts
In February, We Stopped 20 BEC Attacks
Business Email Compromise (BEC) attacks are sophisticated scams targeting businesses working with foreign suppliers and businesses that regularly perform wire transfer payments. The aim is often to impersonate a high-level executive (CEO, CFO, etc.) or a business partner to trick employees into transferring money or sensitive information to the attacker's account.
Here's how to prevent BEC attacks:
- Education and Awareness: Train employees about BEC attacks, including how to recognize phishing emails and the importance of verifying email requests for money or sensitive information. Regularly update training to cover the latest tactics used by scammers.
- Verification Procedures: Implement strict procedures for verifying the legitimacy of emails requesting transfers of money or sensitive information. This can include phone verification using known numbers (not those provided in the email) or a two-person approval process for transactions above a certain threshold.
- Email Security Solutions: Use advanced email security solutions that include spam filters, phishing detection, and multi-factor authentication (MFA) to add an extra layer of security. Solutions that use artificial intelligence or machine learning can adapt to new threats over time.
- Segmentation of Duties: Ensure that responsibilities for authorizing payments and accessing financial information are separated. This makes it harder for a single compromised email to lead to an unauthorized transaction.
- Regular Security Updates and Patches: Keep all systems up-to-date with the latest security patches. Attackers often exploit known vulnerabilities in software to gain unauthorized access.
- Secure Email Practices: Encourage the use of secure email practices, such as the use of encryption for sensitive emails and avoiding the use of free, web-based email accounts for business purposes.
- Limit Information Sharing: Be cautious about how much information is shared online or via social media. Attackers often use publicly available information to make their phishing attempts more convincing.
- Incident Response Plan: Have a detailed incident response plan in place that includes procedures for responding to BEC attacks. This should include immediate actions to take if someone suspects they've been targeted or if a scam has been successful.
- Monitor and Audit Transactions: Regularly monitor and audit financial transactions for signs of suspicious activity. Early detection can minimize damage.
- Legal and Financial Safeguards: Work with legal and financial teams to set up contractual safeguards and verification processes with partners and suppliers to reduce the risk of fraudulent transactions.
BEC attacks exploit the human element of security, so a combination of technology, processes, and ongoing education is the best defense against them.
[Need to Know]
Upcoming events, new products, and relevant resources.
Blog: AI in Cybersecurity: A Comparative Journey
Blog: Beyond Automation: AI and Cybersecurity Still Requires Oversight
3/21 Webinar: Future-Proofing SecOps: AI Innovations and Strategies
3/21 AMA Webinar: Logically Uncovered: MDR and EDR
Security Bulletin: ConnectWise ScreenConnect Vulnerability
Whitepaper: Enhancing SOC with AI
Looking For a Trusted Ally?
Speak to one of our experts and learn how Logically can evolve with your business needs while managing the complexity, performance, and security of your business technology.