As online threats keep changing, one type of attack stands out for how it plays on people’s minds: business email scams. These scams rely far more on deceiving people than on hacking into systems, which shows how important it is to recognise and protect against deception in today’s online world.
Business email compromise (BEC) attacks are one type of attack particularly adept at manipulating human behaviour. These schemes heavily exploit social engineering tactics, emphasizing the need to grasp and counteract the skillful use of deception.
Social engineering, present in 90% of phishing attacks today, is the cornerstone of BEC attacks. These schemes exploit human vulnerabilities, leveraging urgency, emotional manipulation, and familiarity to trick individuals into divulging sensitive information or performing unauthorized actions.
Understanding common social engineering tactics and the threat groups behind them is crucial for businesses seeking to fortify their defences against BEC attacks.
Exposing threat actor groups
Diamond Sleet: Notorious for its software supply chain attack on JetBrains, Diamond Sleet poses a significant threat to organizations. By infiltrating build environments, this group jeopardizes the integrity of software development processes, warranting heightened vigilance from affected entities.
Sangria Tempest (FIN): Sangria Tempest specializes in targeting the restaurant industry, employing elaborate lures such as false food poisoning accusations to steal payment card data. Leveraging underground forums for recruitment and training, this Eastern European group has orchestrated numerous successful attacks, compromising millions of payment card records.
Octo Tempest: This group, driven by financial motives, employs sophisticated adversary-in-the-middle (AiTM) techniques and social engineering tactics. Initially targeting mobile telecommunications and business process outsourcing firms, Octo Tempest later partnered with ALPHV/BlackCat to amplify its impact through ransomware operations.
Midnight Blizzard: Operating primarily out of Russia, Midnight Blizzard targets governments, diplomatic entities, NGOs, and IT service providers across the US and Europe. Utilizing Teams messages as lures, this group aims to steal credentials by engaging users in multifactor authentication (MFA) prompts.
Safeguarding against social engineering fraud
Protecting against social engineering fraud requires a multifaceted approach. First, keep personal and work accounts separate. Doing so mitigates the risk of attackers exploiting personal information to impersonate trusted entities and gain access to corporate data.
It is critical to implement Multi-Factor Authentication (MFA). While MFA adds an extra layer of security, businesses should be vigilant against emerging threats like SIM swapping. Linking MFA to authentication apps rather than phone numbers can mitigate this risk.
Educating users on the dangers of oversharing personal information online is also extremely important. Limiting the availability of personal details reduces the effectiveness of social engineering tactics that rely on establishing trust.
Businesses must deploy robust endpoint security, firewalls and email filters to safeguard against phishing attempts and other malicious activities. These defences serve as critical barriers against intrusions and data breaches.
By staying informed about ongoing threat intelligence and maintaining up-to-date defences, businesses can effectively thwart the increasingly sophisticated tactics employed by social engineering threat actors. Proactive measures are essential in safeguarding against the pervasive threat of social engineering fraud.
_______
More about J2 Software (www.j2.co.za)
J2 Software is a cyber security-focused technology business founded in 2006 to address the critical need for effective cybersecurity, governance, risk, and compliance solutions that are practical and purpose-built. With the continued rise of cybercrime, identity theft, and confidential data leakage, J2 Software’s mission is to provide managed cyber security services that are not just a competitive advantage but an absolute business necessity.
Our comprehensive managed cyber security services cater to businesses of all sizes, ensuring greater visibility to identify risky behaviour and enhancing the capability to respond effectively to prevent losses. We understand that cybersecurity is essential for protecting valuable assets and maintaining business continuity.
J2 Software delivers essential tools that empower organizations to take control of their technology spend. Our hand-picked solutions, combined with expert services, provide complete visibility over our customers’ environments while reducing risk and lowering costs.
With a dedication to improving the cyber resilience of our customers, J2 Software has expanded its reach globally, serving more than 575 customers across four continents. Our commitment to innovation, reliability, and customer satisfaction has made us a trusted partner in the ever-evolving landscape of cybersecurity. Partner with J2 Software to safeguard your digital assets and secure your business’s future.
On behalf of:
Company: J2 Software
Contact: John Mc Loughlin
Designation: CEO
Tel: (021) 461-1223
Email: john@j2.co.za | john@j2software.co.uk