The Dynamic Cloud Security Blog

Detecting BEC Attacks and Compromise - Part 5

1.0 Introduction

In Part 1 of this blog series, we introduced BEC attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In Part 3, we discussed key Office 365 (O365) configuration settings that organizations can implement to protect against BEC attacks. In Part 4, we discussed key logging and auditing capabilities in O365 that can help organizations detect BEC attacks against their environment.

In this post, Part 5 of the series, we discuss how employees can detect BEC attacks against their environment, as well as to identify situations where a BEC attack has already been successful and an attacker may be accessing the user’s account.

Configuration of Office 365 to Protect Against BEC Attacks - Part 3

In Part 1 of this blog series, we introduced Business E-mail Compromise (BEC) attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In this third entry, we will discuss a number of key Office 365 configuration settings that organizations can implement to protect against BEC attacks. 

Threat Investigation: Anatomy of A Business E-Mail Compromise Attack - Part 2

The Unassuming Threat: Business E-Mail Compromise & Office 365 Vulnerabilities

The Unassuming Threat: Business E-Mail Compromise - Part 1

Across the globe, companies and organizations of all sizes have faced an increasing onslaught of the cyber-crime known as business e-mail compromise (BEC). Perpetrated by organized crime groups, BEC attacks have resulted in losses of billions of dollars over the last decade. So how do you prepare and protect your organization from BEC?