BEC: Just Defend Against Business Email Compromise or Strike Back?

Return to Sender

Agari has been focused on active defense, with multiple reports published on specific cybergangs in the last year. In one instance, researchers for the Agari Cyber Intelligence Division developed responsible active defense techniques that enabled them to piece together who was behind a large number of email scams targeting several customers.

Social Engineering the Socially-Engineered

The appeal of active defense is understandable, of course — especially given the stakes. Despite billions of dollars of investment and major advances in sophisticated security technology, the vast majority of financial institutions, along with organizations across other industries, remain utterly vulnerable to BEC attacks, which use sophisticated forms of identity deception to impersonate a trusted contact. Through social engineering, cybercriminals use these deception techniques to completely bypass traditional perimeter defenses. There’s no malware to detect, nothing suspicious in the code, nothing unfamiliar in the message.

Email Fraud in the Danger Zone

Active defense has yet to become a product you can purchase. Instead, it’s an approach — one that falls within a precarious gray zone between hacking back or “offensive cyber” operations and more passive forms of defense such as firewalls, email filters, and so on. Offensive cyber is really meant for nation states hitting back against other nations or non-state actors. Besides the fact that it is illegal for companies to conduct such operations, it’s also a very bad idea.

Raising a Better Shield with Better Email Security

All this said, long before considering active defense measures, organizations should have proper protections against business email compromise and other advanced email threats in place.



