Phishing attacks target organizations of all sizes and is becoming increasingly prevalent, sophisticated, and costly. But the security used to combat phishing attacks has become even more complex when introducing the possibility that your employees are in a work from home scenario. They may no longer be in one central office and are no longer protected behind one firewall.

A Business Email Compromise (BEC) is a specialized type of phishing attack that is becoming increasingly prevalent. Business email compromise (BEC)—also known as Email Account Compromise (EAC)— attacks are designed to impersonate senior executives and trick employees, customers, or vendors into wiring payment for goods or services to alternate bank accounts.

A slightly varied form of these attacks is known as a Vendor Email Compromise (VEC). Well-funded, organized cybercrime rings use hijacked business email accounts and social engineering tactics to gather insider information that is then used to create meticulously crafted and timed attacks. Attackers often pose as legitimate vendors to send fake invoices and ask for payment or payment information.

BEC’s and VEC’s are especially harmful to businesses that have employees working from home. When your team is no longer in an office setting where communication is more fluid, it becomes harder to discuss what is legitimate and what is an email threat. Because your team may be vulnerable, we encourage you to:

• Always vet or verify the sender’s email address – this will clarify if it’s a spoofed email address.
• Ask if you’re unsure or get in touch with the legitimate sender – a phone call or contacting your actual CEO or vendor is a great way to verify before clicking on anything.
• Communicate with your team – keep your work from home employees up to date or notify them not to click certain emails if phishing or BEC attacks have been confirmed.

Fortify Your Entire WFH Network Security With a Thinix Audit

Thinix can help you fortify your network to increase security and protect your work from home (WFH) team from BEC/VEC attacks. We help you objectively assess your network security with a thorough network audit. As a neutral third party, we provide checks and balances with our network auditing. By performing an extensive network audit, Thinix can tell you within 36 hours where your strengths and weaknesses are, along with recommendations on how to improve your network security to prevent vulnerabilities such as these phishing attacks.