Using Business Email Compromise (BEC) scams, an attacker uses the same or similar
account name to spoof the high-profile user's identity to initiate fraudulent wire
transfers. The attacker typically uses the identity of a top-level executive to trick
the target or targets into sending money into the attacker's account. Also known as
Man-in-the-Email scams, BEC scams often target businesses that regularly send wire
transfers to international clients and may involve the use of malware, social engineering,
or both. For more information, see FBI Public Service Announcement.
With the integrated Antispam Engine, ScanMail for
Microsoft Exchange performs the following to
effectively protect organizations against BEC scams:
-
Scan incoming email messages from external networks with specified high-profile users' account names, to block social engineering attacks