IT Security: Business E-mail Compromise

This course explores the e-mail fraud schemes known collectively as Business E-mail Compromise (BEC). In a BEC attack, cyberthieves compromise a corporate e-mail account and impersonate the e-mail account’s owner to deceive the company, its customers, partners and/or employees into sending money or sensitive data to the cyberthieves’ account. Some BEC attacks are intended to extract money and others are targeting sensitive information such as tax statements and personally identifiable information (PII). 

Learning Objectives:

• Explain how cyberthieves hack and spoof e-mail accounts
• Describe common BEC schemes and their goals
• Outline the characteristics of BEC e-mails
• Recall policies for reducing financial loss
• Summarize ways to minimize the risk of having your e-mail account hacked

Course Outline:

• Introduction
• How cyberthieves prepare for BEC attacks
• Common BEC schemes

Rev-Mar. 2021. Course length 20 minutes.

This course is worth 0.5 CPE credits.