In 2019, the FBI estimated that the global loss of Business Email Compromise (BEC) attacks amounted to a staggering 26 Billion USD. As a response to the ongoing threat my team and I developed an extensive but non-exhaustive guide for any cyber security professional conducting a BEC investigation. In this highly practical presentation I will use real life cases of BEC attacks that I have worked on and show you the latest methods threat actors use to compromise an email environment. I will also show you how you can use our guide to structure your detection and response covering the various phases of a BEC attack to give you a change of spotting a threat actor before it is too late. After this presentation you will want to start checking your own email environment for threats.
View upcoming Summits: www.sans.org/u/DuS
Download the presentation slides (SANS account required) at www.sans.org/u/1h3C
#DFIR #EmailCompromise #DigitalForensics