Learning from loss: Mitigating BEC risks after a half-million dollar cyberattack

A town outside of Boston lost nearly half a million dollars due to a business email compromise (BEC) attack. Learn how to mitigate the risks so it doesn't happen to you.

As reported by StateScoop, a town in Massachusetts lost nearly half a million dollars to a hacker attack. Bad actors accessed its systems and sent emails pretending to be from a vendor working on a project for the town.

Don’t wait until it’s too late for you. Learn how to protect your domain so you’re not vulnerable to these types of attacks.

Phishing, spoofing, and social engineering

Bad actors sent emails pretending to be from a legitimate vendor working on a legitimate project for the town of Arlington, Massachusetts. Town employees, led to believe that they were receiving valid requests to transfer money, electronically sent $445,945.73 from town coffers off into the ether, likely into the accounts of cybercriminals.

This has all the common traits of a Business Email Compromise (BEC) attack, including phishing, spoofing, and social engineering. BEC has cost businesses over $50 billion in total losses over the past nine years.

Learning to protect against BEC

Mismatched email addresses, generic greetings, urgent or threatening language, unsolicited attachments or links, and poor grammar are all common hallmarks of email spoofing. But even if the email addresses are correct, verify – don’t assume!

Comprehensive protection against BEC starts with email authentication: properly implementing authentication protocols like Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM), and adding Domain-based Message Authentication, Reporting, and Conformance (DMARC) on top of them so that fraudulent email messages are not delivered but instead rejected by inbox providers.
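The following is an added example, not code from the original article or from Valimail: an offline checker for the SPF and DMARC TXT records a domain publishes. It flags the settings that leave a domain open to direct spoofing of its own name (no DMARC record or a monitor-only `p=none` policy, a partial `pct`, an SPF record ending in `?all` or `+all`, and an SPF record that exceeds the 10 DNS-lookup limit of RFC 7208) and reports whether the domain is at enforcement. The sample records, the `.invalid` domains and the severity labels are constructed for the example; in practice the records come from DNS TXT lookups of `example.com` and `_dmarc.example.com`.

```python
# Added example (not from the original article): an offline assessment of the
# SPF and DMARC TXT records a domain publishes. Sample records below are
# constructed; real ones come from DNS TXT lookups of the domain and _dmarc.<domain>.
from dataclasses import dataclass
from typing import List, Optional

# Mechanisms and modifiers that each cost a DNS lookup (RFC 7208 section 4.6.4)
SPF_LOOKUP_TERMS = ("include", "a", "mx", "ptr", "exists", "redirect")
# How each SPF "all" qualifier treats mail from hosts not listed in the record
ALL_QUALIFIER = {"-": "fail", "~": "softfail", "?": "neutral", "+": "pass"}


@dataclass
class Finding:
    severity: str   # constructed labels: "high", "medium" or "low"
    message: str


def parse_tags(record: str) -> dict:
    """Split a 'k=v; k=v' DMARC record into a dict with lowercase keys."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def assess_dmarc(record: Optional[str]) -> List[Finding]:
    """Findings for a DMARC TXT record; None means no record is published."""
    if record is None:
        return [Finding("high", "no DMARC record: receivers do not reject spoofed mail")]
    tags = parse_tags(record)
    if tags.get("v", "").upper() != "DMARC1":
        return [Finding("high", "malformed DMARC record: missing v=DMARC1")]
    findings = []
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        findings.append(Finding("high", f"missing or invalid p= tag: {policy!r}"))
    elif policy == "none":
        findings.append(Finding("high", "p=none only monitors; receivers still deliver spoofed mail"))
    elif policy == "quarantine":
        findings.append(Finding("medium", "p=quarantine sends spoofs to spam instead of rejecting them"))
    # sp= defaults to p=; an explicitly weaker subdomain policy is a gap
    if tags.get("sp", policy).lower() == "none" and policy != "none":
        findings.append(Finding("medium", "sp=none leaves subdomains unprotected"))
    try:
        pct = int(tags.get("pct", "100"))
    except ValueError:
        pct = -1
    if not 0 <= pct <= 100:
        findings.append(Finding("medium", f"invalid pct={tags.get('pct')!r}"))
    elif pct < 100 and policy != "none":
        findings.append(Finding("medium", f"pct={pct}: policy applied to only {pct}% of failing mail"))
    if "rua" not in tags:
        findings.append(Finding("low", "no rua= address: aggregate reports are not collected"))
    return findings


def assess_spf(record: Optional[str]) -> List[Finding]:
    """Findings for an SPF TXT record; None means no record is published."""
    if record is None:
        return [Finding("high", "no SPF record: receivers cannot check the sending host")]
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return [Finding("high", "malformed SPF record: must start with v=spf1")]
    findings, lookups, all_mode = [], 0, None
    for term in terms[1:]:
        qualifier = term[0] if term[0] in ALL_QUALIFIER else "+"
        body = term.lstrip("+-~?")
        # mechanism name precedes any ":" argument, "=" modifier value or "/" mask
        name = body.split(":", 1)[0].split("=", 1)[0].split("/", 1)[0].lower()
        if name == "all":
            all_mode = ALL_QUALIFIER[qualifier]
        elif name in SPF_LOOKUP_TERMS:
            lookups += 1
    if all_mode is None:
        findings.append(Finding("medium", "no all mechanism: unlisted senders get a neutral result"))
    elif all_mode == "pass":
        findings.append(Finding("high", "+all authorizes every host on the Internet to send as this domain"))
    elif all_mode == "neutral":
        findings.append(Finding("medium", "?all is neutral and gives DMARC nothing to reject on"))
    elif all_mode == "softfail":
        findings.append(Finding("low", "~all only softfails unlisted senders; acceptable under DMARC enforcement"))
    if lookups > 10:
        findings.append(Finding("high", f"{lookups} DNS lookups exceed the RFC 7208 limit of 10 (permerror)"))
    return findings


def is_enforced(spf: Optional[str], dmarc: Optional[str]) -> bool:
    """True when no high-severity finding remains, i.e. exact-domain spoofs are rejected or quarantined."""
    return all(f.severity != "high" for f in assess_spf(spf) + assess_dmarc(dmarc))


# Constructed sample records (.invalid is a reserved TLD, so these never resolve)
WEAK_SPF = "v=spf1 include:_spf.mailer.invalid ~all"
WEAK_DMARC = "v=DMARC1; p=none; rua=mailto:dmarc@example.invalid"
STRONG_SPF = "v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.invalid -all"
STRONG_DMARC = "v=DMARC1; p=reject; sp=reject; pct=100; rua=mailto:dmarc@example.invalid; adkim=s; aspf=s"

if __name__ == "__main__":
    for label, spf, dmarc in (("weak", WEAK_SPF, WEAK_DMARC), ("strong", STRONG_SPF, STRONG_DMARC)):
        print(f"{label}: enforced={is_enforced(spf, dmarc)}")
        for f in assess_spf(spf) + assess_dmarc(dmarc):
            print(f"  [{f.severity}] {f.message}")
```

The weak pair is the common starting state (a monitor-only DMARC record and a softfail SPF record), which collects reports but still lets spoofed mail through; the strong pair is what enforcement looks like. DKIM is not checked here because its selector records cannot be enumerated from the domain alone.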

Email security is key, but there’s more to be done. Additional steps that help prevent falling victim to BEC include requiring strong passwords, multi-factor authentication (MFA), and appropriate processes and procedures for authorizing and verifying all financial transactions. Employee education and awareness are equally important, with periodic training to ensure staff learn to recognize common phishing and social engineering tactics.

It is also important to have a mechanism in place to monitor for security incidents, along with a response policy, so that you can both identify when something happens and know how to investigate and remediate it if it ever does.

DMARC can help prevent attacks like this

We’re unsure of what specific type of attack happened in Arlington. It could have been a mix of hacked email accounts, lookalike domains, spoofing of unprotected domains, and perhaps just a bit of social engineering or spear phishing.

But here’s what we do know: With email authentication and DMARC protection in place, your email domains are protected against phishing and spoofing that uses your own domain name. This prevents bad actors from impersonating your domain and makes it nearly impossible for them to get email delivered when spoofing your From address. That’s one of the most important steps you can take to protect your company (or town) from cyberattacks.

Thankfully, Valimail can help protect you. Our advanced anti-phishing solutions are designed to protect your organization from phishing threats by securing your communication channels while also preventing email impersonation.


Phishing and BEC protection starts with your domain — verify your DMARC status with the Valimail Domain Checker.