This time they asked Alex and I to talk about Business Email Compromises (BEC). In our research we found out about how Facebook and Google got hit with a $100M email scam. The legit attacks are scary effective and if big tech companies and their infinite security budgets could get scammed, what chance do the SMBs have? Also the US election may have been swayed when the White House Chief of Staff was compromised with BEC techniques.
We often fail as security professionals to heed the advice of UX experts and pay dearly:
