You Have Been Phished
What is BEC (Business Email Compromise)?
Business email compromise (BEC) is an attack in which an attacker gains access to a business email account and impersonates its owner in order to defraud the company and its employees, customers, or partners.
Scenario
You get the email below saying there is a security alert on your account, with a button telling you to recover your account ...
You click "recover your account" and it serves you a Microsoft login page.
Little do you know this is a fake login page, and whatever you type into it is sent directly to the attacker.
Now he has access to your Microsoft account and any other app you use with that Microsoft account, like:
The attacker now wants to send out more of these emails to catch as many people as possible.
So he logs into Outlook and looks at your address book. You have a couple of hundred contacts
collected over the years you have been in business, from personal friends to business partners, and the attacker
decides to use all of them for his scheme.
Masquerading as you, he sends the same email he sent to you to every one of your contacts. You don't
see a thing, because he created a rule in your Outlook that forwards all the replies to him and moves the
sent messages and replies to the Deleted Items folder, leaving you none the wiser.
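The inbox rule described above is the part of a BEC that survives a password reset, so it is worth looking for explicitly. The script below is an added example and not part of the original post. It assumes the mailbox's rules have been exported to JSON in the shape that `Get-InboxRule | ConvertTo-Json` produces in Exchange Online PowerShell (field names such as `ForwardTo`, `RedirectTo`, `MoveToFolder`, `DeleteMessage` and `MarkAsRead` are assumptions about that export), and the sample rules and the `contoso.com` internal domain are constructed for this example.

```python
"""Flag Outlook/Exchange inbox rules that look like post-compromise persistence.

Added example, not part of the original post. Field names mirror the
JSON that `Get-InboxRule | ConvertTo-Json` produces (an assumption);
the sample export and internal domain are constructed for this example.
"""
import json

# Domains the organization itself owns (assumption for this example).
INTERNAL_DOMAINS = {"contoso.com"}

# Folders a user rarely opens, so moved mail goes unnoticed.
HIDING_FOLDERS = {"deleted items", "rss feeds", "archive", "junk email", "conversation history"}

# Subject keywords that catch the replies an attacker wants to intercept.
INTERCEPT_WORDS = ("re:", "security alert", "password", "invoice", "phish")

# Constructed sample export: one benign rule and two attacker-style rules.
SAMPLE_EXPORT = json.dumps([
    {"Name": "Newsletters", "Enabled": True,
     "FromAddressContainsWords": ["newsletter"], "MoveToFolder": "Newsletters",
     "ForwardTo": [], "RedirectTo": [], "DeleteMessage": False, "MarkAsRead": False},
    {"Name": "...", "Enabled": True,            # attackers often use blank or dotted names
     "SubjectContainsWords": ["RE:", "security alert", "invoice"],
     "MoveToFolder": "Deleted Items",
     "ForwardTo": ["collector@mail-recovery.example"], "RedirectTo": [],
     "DeleteMessage": False, "MarkAsRead": True},
    {"Name": "Cleanup", "Enabled": True, "FromAddressContainsWords": [],
     "MoveToFolder": None, "ForwardTo": [], "RedirectTo": ["redirect@other.example"],
     "DeleteMessage": True, "MarkAsRead": False},
])


def _external(addresses):
    """Return the addresses whose domain is not one we own."""
    out = []
    for addr in addresses or []:
        domain = addr.rsplit("@", 1)[-1].lower()
        if domain not in INTERNAL_DOMAINS:
            out.append(addr)
    return out


def triage_rule(rule):
    """Return the reasons a single rule looks suspicious (empty list if it does not)."""
    reasons = []
    if not rule.get("Enabled", True):
        return reasons
    ext = (_external(rule.get("ForwardTo")) + _external(rule.get("RedirectTo"))
           + _external(rule.get("ForwardAsAttachmentTo")))
    if ext:
        reasons.append("forwards/redirects mail to external address(es): " + ", ".join(ext))
    folder = rule.get("MoveToFolder") or ""
    if folder.lower() in HIDING_FOLDERS:
        reasons.append(f"moves mail to a rarely-checked folder: {folder}")
    if rule.get("DeleteMessage"):
        reasons.append("deletes matching mail")
    words = [w.lower() for w in rule.get("SubjectContainsWords") or []]
    if any(w in words for w in INTERCEPT_WORDS):
        reasons.append("matches on reply/security keywords: " + ", ".join(words))
    if (rule.get("Name") or "").strip(" .") == "":
        reasons.append("rule name is blank or only dots")
    # Marking as read only matters when combined with another hiding technique.
    if rule.get("MarkAsRead") and reasons:
        reasons.append("marks mail as read so new replies do not stand out")
    return reasons


def triage_export(json_text):
    """Parse an export and return {rule name: [reasons]} for suspicious rules only."""
    findings = {}
    for rule in json.loads(json_text):
        reasons = triage_rule(rule)
        if reasons:
            findings[rule.get("Name", "")] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in triage_export(SAMPLE_EXPORT).items():
        print(f"[SUSPICIOUS] {name!r}")
        for r in reasons:
            print("    -", r)
```

Run it against a real export and remove any rule you did not create yourself; forwarding to an external address and moving replies to Deleted Items are the two indicators that matter most, and a rule that does both is almost never legitimate.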
What just happened ...
By entering your credentials on that fake web page you handed your account to the attacker. With that access
he was able to send malicious emails as you to all of your contacts, making the recipients distrust your
emails in the future, or worse: a company you work with gets tricked the same way and the
cycle starts all over again.
Ways to prevent this from happening
Even though you may trust Microsoft, the company is huge, and attackers try to exploit that trust.
- Always be wary of an email you didn't expect or that isn't the kind of thing normally sent to you.
- Ask the apparent sender "what is this?" through an address or phone number you already know, rather than by replying to the suspicious message. You won't always get a reply, but sometimes you do.
- Hover over the link to see whether the URL makes sense; if it points at something like "dfres.0ffice.app" it is probably not real.
- If you're feeling lucky you can click the link and see where it takes you (do this in a throwaway browser or VM, and never type in a password). The fake Microsoft login page usually looks
slightly off, not really like the real Microsoft page.
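Hovering over a link works only if you know what to compare the host against. The script below is an added example, not part of the original post; it automates the "does the URL make sense" check from the list above by reducing the link's host to its registrable domain and looking for the two tricks the "dfres.0ffice.app" example relies on: digit-for-letter swaps and a brand name placed in a subdomain of an unrelated domain. The list of legitimate sign-in hosts, the confusable-character table and the sample links are assumptions constructed for this example; adjust `EXPECTED_HOSTS` for whatever brand the email claims to be from.

```python
"""Check where a link actually points before trusting it.

Added example, not part of the original post. EXPECTED_HOSTS, the
confusable table and the sample links are assumptions for this example.
"""
from urllib.parse import urlparse

# Hosts where a real Microsoft sign-in or recovery page would live (assumption).
EXPECTED_HOSTS = {
    "login.microsoftonline.com",
    "login.live.com",
    "account.microsoft.com",
    "account.live.com",
}
BRAND_WORDS = ("microsoft", "office", "outlook", "live")

# Digits attackers swap in because they look like letters (0ffice -> office).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "8": "b"})

# Constructed sample links for the demo below.
SAMPLE_LINKS = [
    "https://login.microsoftonline.com/common/oauth2",
    "https://dfres.0ffice.app/recover",
    "https://login.microsoft.com.account-verify.app/",
    "http://login.live.com/",
    "https://example.com/login",
]


def registrable_domain(host):
    """Crude public-suffix handling: last two labels, or three for co.uk-style TLDs."""
    labels = host.lower().strip(".").split(".")
    second_level = {"co", "com", "org", "net", "gov", "ac"}
    if len(labels) >= 3 and labels[-2] in second_level and len(labels[-1]) == 2:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def inspect_link(url):
    """Return (verdict, reason); verdict is 'ok', 'suspicious' or 'invalid'."""
    parsed = urlparse(url.strip())
    host = parsed.hostname
    if not host:
        return "invalid", "no host in URL"
    if parsed.scheme != "https":
        return "suspicious", f"scheme is {parsed.scheme or 'missing'}, not https"
    if host in EXPECTED_HOSTS:
        return "ok", f"host {host} is an expected sign-in host"
    base = registrable_domain(host)
    expected_bases = {registrable_domain(h) for h in EXPECTED_HOSTS}
    if base in expected_bases:
        return "ok", f"host {host} is under expected domain {base}"
    # Brand name used in a subdomain of an unrelated domain: microsoft.com.evil.app
    prefix = host.lower().replace(base, "")
    if any(w in prefix for w in BRAND_WORDS):
        return "suspicious", f"brand name appears in subdomain but real domain is {base}"
    # Digit-for-letter substitution in the real domain: 0ffice.app
    normalized = base.translate(CONFUSABLES)
    if normalized != base and any(w in normalized for w in BRAND_WORDS):
        return "suspicious", f"{base} looks like a brand name with swapped characters"
    if any(w in base for w in BRAND_WORDS):
        return "suspicious", f"{base} uses a brand word but is not an expected domain"
    return "suspicious", f"{base} is unrelated to the expected sign-in hosts"


if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        verdict, reason = inspect_link(link)
        print(f"{verdict:10s} {link}\n           {reason}")
```

Note that only the registrable domain counts: `login.microsoft.com.account-verify.app` is owned by whoever registered `account-verify.app`, no matter how much of the hostname looks familiar. The suffix handling here is deliberately minimal; a production check would use a real public-suffix list.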
If you want to dig in a little deeper
Ways to report Phishing Emails
Report in Outlook
Report in Gmail
For any other email provider, a quick web search for "report phishing" plus the provider's name will find the steps.
Report a phishing Url
This is a little harder to do. Some hosting providers offer a way to report abuse and others
do not. There are many services, like VirusTotal, where you can submit a URL so that it is added to
a blocklist, but you won't see the site taken down.
Sites to report URLs
The sites below will flag a URL once you submit it for scanning.