Using Business
Email Compromise (BEC) scams, an attacker uses the same or similar account name to
spoof the
high-profile user's identity to initiate fraudulent wire transfers. The attacker typically
uses the identity of a top-level executive to trick the target or targets into sending
money
into the attacker's account. Also known as Man-in-the-Email scams, BEC scams often
target
businesses that regularly send wire transfers to international clients and may involve
the use
of malware, social engineering, or both. For more information, see FBI Public
Service Announcement.
With the integrated Antispam Engine, ScanMail for
Microsoft Exchange performs the following to
effectively protect organizations against BEC scams:
-
Scan incoming email messages from external networks with specified high-profile users' account names, to block social engineering attacks