Imagine a CEO requesting an employee to transfer money to a client, a business partner requesting invoice clearance from the IT team, and an employee requesting clicking on a link in an ongoing email thread. You may agree that these situations do not raise any suspicion at first, since these are normal activities for the everyday functioning of the business.
Unfortunately, these are also real-life examples of how targeted email attacks are conducted. Impersonating as a trusted authority, hackers take advantage of the trust and look-alikes of known people to make the victim comply with their request.
Given the nature of this crime, it’s relatively easy for hackers to employ these tactics, but it costs businesses disastrous losses.
For example, a recent study by IBM shows a BEC (business email compromise) attack costs businesses an average of a whopping $5.01 million per breach.
Besides monetary loss, businesses also suffer from reputational damages.
So, how can you ensure that you’re protecting your company against such crimes?
Let’s begin by understanding what exactly is target email phishing, its types, and how to mitigate the same.