“mimics a real address. review any unfamiliar or unexpected emails closely. if you see anything that looks suspicious or doesn ’ t feel legitimate, don ’ t reply. “ bec attacs rely on humans to perform actions on behalf of attackers, ” says truman kain, offensive security research…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1684.001Impersonation
90%
“. - ceo fraud : attackers impersonate a high - level executive and ask for urgent wire transfers or sensitive data from employees. employees are tricked into making payments or even purchasing gift cards, believing it ' s a legitimate request from their boss. - payroll diversion …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1684.001Impersonation
88%
“: the attacker impersonates a trusted person at the organization, like a ceo, cfo, or a vendor, using a spoofed or compromised email account. - deception : threat actors send convincing emails to trick employees into transferring money, sharing sensitive information, or downloadi…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1684.001Impersonation
80%
“atlanta : an attacker targeted the organization by pretending to be a construction company ’ s chief financial officer. the attack resulted in $ 3. 6 million in damages. - facebook and google : scammers impersonated a legitimate hardware provider and sent emails to facebook and g…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
“about the dangers of bec attacks, how to recognize them, and how to avoid becoming victims. - use multi - factor authentication ( mfa ) : implementing mfa adds an extra layer of security to email accounts, making it more challenging for attackers to gain access. - implement manag…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1556.006Multi-Factor Authentication
73%
“about the dangers of bec attacks, how to recognize them, and how to avoid becoming victims. - use multi - factor authentication ( mfa ) : implementing mfa adds an extra layer of security to email accounts, making it more challenging for attackers to gain access. - implement manag…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.004Spearphishing Voice
54%
“. - ceo fraud : attackers impersonate a high - level executive and ask for urgent wire transfers or sensitive data from employees. employees are tricked into making payments or even purchasing gift cards, believing it ' s a legitimate request from their boss. - payroll diversion …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1598.004Spearphishing Voice
51%
“. - ceo fraud : attackers impersonate a high - level executive and ask for urgent wire transfers or sensitive data from employees. employees are tricked into making payments or even purchasing gift cards, believing it ' s a legitimate request from their boss. - payroll diversion …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1586.002Email Accounts
46%
“understanding business email compromise ( bec ) : how it works | huntress among the threats targeting businesses of all sizes today, business email compromise is a particularly growing concern, and for good reason. business email compromise ( bec ) is a type of cybercrime where t…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.001Spearphishing Attachment
43%
“are likely to face, for example fake captcha attacks or deepfakes. ” while the bec threat is real, it ' s not insurmountable. by understanding attackers ' tactics and implementing proactive measures, businesses can be better prepared to face today ’ s email and identity - based a…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1684.001Impersonation
42%
“work? bec attacks work by impersonating a trusted source through email to trick employees or organizations into sending money or sensitive information. threat actors create these emails, often with help from generative ai tools that quickly and efficiently make the content look l…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1586.002Email Accounts
41%
“- guarded business email system may see one or two bec attacks slip through the cracks. you can avoid falling victim to these attacks by knowing what to watch for. here are some key identifiers that many bec attacks have in common : - rampant typos : if the email misspells compan…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1657Financial Theft
40%
“buy digital gift cards and send them to the attacker - controlled email address or phone number. - account compromise : attackers send emails notifying employees that their accounts have been compromised and request that they do things like reset passwords through a phishing link…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1657Financial Theft
39%
“. - ceo fraud : attackers impersonate a high - level executive and ask for urgent wire transfers or sensitive data from employees. employees are tricked into making payments or even purchasing gift cards, believing it ' s a legitimate request from their boss. - payroll diversion …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1657Financial Theft
37%
“atlanta : an attacker targeted the organization by pretending to be a construction company ’ s chief financial officer. the attack resulted in $ 3. 6 million in damages. - facebook and google : scammers impersonated a legitimate hardware provider and sent emails to facebook and g…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1657Financial Theft
36%
“understanding business email compromise ( bec ) : how it works | huntress among the threats targeting businesses of all sizes today, business email compromise is a particularly growing concern, and for good reason. business email compromise ( bec ) is a type of cybercrime where t…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1684.001Impersonation
35%
“buy digital gift cards and send them to the attacker - controlled email address or phone number. - account compromise : attackers send emails notifying employees that their accounts have been compromised and request that they do things like reset passwords through a phishing link…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1657Financial Theft
33%
“: the attacker impersonates a trusted person at the organization, like a ceo, cfo, or a vendor, using a spoofed or compromised email account. - deception : threat actors send convincing emails to trick employees into transferring money, sharing sensitive information, or downloadi…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1657Financial Theft
33%
“mimics a real address. review any unfamiliar or unexpected emails closely. if you see anything that looks suspicious or doesn ’ t feel legitimate, don ’ t reply. “ bec attacs rely on humans to perform actions on behalf of attackers, ” says truman kain, offensive security research…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
A business email compromise (BEC) attack is a type of scam where bad actors impersonate a trusted source to obtain information from their targeted individual.