Responding to Business Email Compromise
Awake Labs
The Business Email Compromise Challenge
Business Email Compromise (BEC) according to the FBI, “is one of the most financially damaging online crimes.” These attackers often establish strong footholds using illicit consent grants & delegation with mailboxes, mail client or server rules, conditional access policies or golden SAML attacks. Incident response therefore requires a disciplined approach that identifies not just the end impact but also tracks back to patient zero and the original vector.
BEC Attack Stages.
Whether the compromise involves direct deposit and payment modifications, man-in-the-middle wire transfers or intellectual property theft, Awake Labs has experts to track down the threat, identify patient zero, lateral movement and data exfiltration.
Business Email Compromise Incident Response
If you suspect you have been a victim of Business Email Compromise, engage Awake Labs to:
Reduce the time to contain and remediate the compromise
Quickly identify login history and anomalous access
Identify patient zero and the initial infection vector
Investigate lateral movement and data exfiltration
Assist with any PHI, PII etc. exposure / regulatory issues because of the compromise
Provide recommendations on how to better secure your environment from future attacks
Why Awake Labs
We work as an extension of your team to quickly understand the full scope of the business email compromise and craft an effective response.
Expertise
Awake experts have decades of experience responding to BEC incidents, whether the breach involves one or hundreds of mailboxes.
Proven Methods
Focusing on the entire scope of the breach helps rapidly restore business functions, accumulates evidence for insurance or legal claims and provides confidence root causes are remediated.
Technology
Combining Awake’s leading network detection and response platform with powerful AI-based backend analytics, reduces impact and delivers forensic evidence for loss recovery.
