Cybersecurity Awareness/Hygiene – Proofpoint BEC Taxonomy Series – Updated June 24, 2021

Proofpoint BEC Taxonomy Series: Lures and Tasks (Part 5)

In this fifth post in the BEC Taxonomy series, Proofpoint covers the all too familiar vague, basic requests in the form of, “Are you available?,” “I need a quick favor?,” and “Do you have a moment?” Proofpoint highlights how the importance of these preludes are often overlooked because of their basic nature. The post continues about how fraudulent emails use these lures to attempt to see if recipients are available to perform some simple task. Members are encouraged to check out the series at Proofpoint and consider incorporating into current security awareness programming. Visit Proofpoint for more on Lures and Tasks.

BEC Taxonomy Series Parts 1 – 4

Business Email Compromise (BEC) is one of the most (if not THE most) WaterISAC member reported cyber threat. Successful or unsuccessful, BEC – and its cousins, Vendor Email Compromise (VEC) and Email Account Compromise (EAC) – dominate the global cyber threat landscape. In 2020, the IC3 received 19,369 Business Email Compromise (BEC)/Email Account Compromise (EAC) complaints with adjusted losses over $1.8 billion. With constant barrages from these impersonation-based phishing attacks, BEC should be a staple topic in all security awareness programs. To that end, Proofpoint has created a BEC Taxonomy series to help all organizations better understand and address this ubiquitous threat. Members are encouraged to check out the series at Proofpoint – Part 1 – A Proofpoint Framework, Part 2 – Invoice Fraud, Part 3 – Payroll Redirects, Part 4 – Extortion – and stay tuned for more.