Compromission d'une boîte de messagerie professionnelle

Rapport : Se défendre contre les attaques de type compromission de la messagerie d'entreprise

Version imprimable, PDF et e-mail

Business email compromise (BEC) makes up a comparatively small percentage of the overall number of spear phishing attacks, but they pack a punch. According to a recent report from FBI’s Internet Crime Complaint Center, complaints filed between June 2016 and July 2019 about business email compromise had a total exposed dollar loss of more than $26 billion.

Barracuda researchers recently took a closer look at these highly targeted and costly attacks, uncovering the latest tactics used by cybercriminals and the steps you can take to help defend your business. They share their findings in the new report Spear Phishing: Top Threats and Trends Vol. 3 – Defending Against Business Email Compromise Attacks.

The report takes an in-depth look at how BEC attacks use impersonation, strategic targeting, careful timing, and social engineering to steal money or personally identifiable information. It also covers ways that organizations can use advanced detection techniques, security awareness training, and other solutions to successfully prevent these attacks.

Demandez dès maintenant votre exemplaire GRATUIT !

According to the FBI, complaints filed between June 2016 and July 2019 about #BEC had a total exposed dollar loss of more than $26 billion. #EmailSecClick To Tweet

Fresh insights on BEC attacks

Barracuda’s research reveals some interesting information about business email compromise and the tactics attackers are using to make their emails convincing and trick their victims. Highlights from the report include:

  • 91 % des attaques par compromission de la messagerie en entreprise (BEC) ont lieu la semaine et principalement au cours des heures d'activité habituelles de l'entreprise ciblée, pour plus d'authenticité.
  • En moyenne, les attaques BEC ciblent un maximum de six employés et 94,5 % de toutes les attaques ciblent moins de 25 personnes.
  • 85 % des attaques BEC prennent la forme de demandes urgentes, conçues pour obtenir une réponse rapide.
  • Les attaques BEC génèrent un taux de clics élevé. Un e-mail de harponnage sur dix réussit ainsi à faire cliquer le destinataire. Ce chiffre est multiplié par trois lorsque la personne dont l'identité est usurpée appartient au service des ressources humaines ou au service informatique.
  • Au cours des 12 derniers mois, le montant moyen des pertes enregistrées par une entreprise suite à une attaque de harponnage s'élevait à 270 000 dollars.
One in 10 #spearphishing emails successfully tricks a user into clicking. That number triples for emails that impersonate someone from HR or IT. #EmailSec Click To Tweet

Get your copy of Spear Phishing: Top Threats and Trends Vol. 3 – Defending Against Business Email Compromise Attacks now to see the full results for yourself and get expert advice on how to defend against these types of attacks. Staying informed and taking the proper precautions can help you keep your organization protected from BEC attacks.

Demandez dès maintenant votre exemplaire GRATUIT !

Remonter en haut de page
Tweeter
Partager
Partager