Learn to detect and prevent Business Email Compromise (BEC) and Email Account Compromise (EAC) in this 31-minute webinar that examines the $2.1 billion global threat affecting organizations worldwide. Explore various BEC scenarios, including wire fraud schemes, data theft methods, and malware deployment tactics through compromised or spoofed legitimate emails. Master the detection of legacy authentication protocols and Adversary-in-the-middle attacks that bypass Multi-factor Authentication (MFA). Gain practical knowledge in implementing email rule analytics, monitoring MFA method modifications, and analyzing user agent data to effectively hunt and identify potential compromises. Discover essential prevention strategies, understand authentication flows, and learn to recognize warning signs through real-world examples and comprehensive examination of email forwarding rules and inbox configurations.
Overview
Syllabus
Intro
Who are we
What is business email compromise
You should care about this
Initial access
Examples
MFA bypass methods
Persistent access without MFA
Legacy authentication
Resource owner password credentials
B2RPC user agent
Authentication flows
adversary and middle attacks
open source tools
how to prevent email compromise
when account compromise can happen
what to look for
email forwarding rules
new inbox rule
Bring it on Rachel
Email rules
Poll Results
Outro
Taught by
Red Canary
