FBI Recommendations on Business Email Compromise (BEC)

The menace of Business Email Compromise (BEC) is often overshadowed by ransomware but it’s something small and medium-sized businesses shouldn’t lose sight of.

The FBI Internet Crime Complaint Center (IC3) has alerted US businesses to ongoing attacks targeting organizations using Microsoft Office 365 and Google G Suite.

Warnings about BEC are specifically to those carried out against the two largest hosted email services, and the FBI believes that SMEs, with their limited IT resources, are most at risk of these types of scams:

Between January 2014 and October 2019, the Internet Crime Complaint Center (IC3) received complaints totaling over $2.1 billion in actual losses from BEC scams targeting Microsoft Office 365 and Google G Suite.

As organizations move to hosted email, criminals migrate to follow them.

As with all types of BEC, after breaking into the account, criminals look for evidence of financial transactions, later impersonating employees to redirect payments to themselves.

For good measure, they’ll often also launch phishing attacks on contacts to grab even more credentials, and so the crime feeds itself a steady supply of new victims.

Turn on Multi-Factor Authentication (MFA)

One takeaway is that despite the rise in BEC attacks on hosted email, this type of email is still more secure than the alternatives provided admins turn on the security features that come with it.

The FBI has the following general advice:

  • Enable multi-factor authentication for all email accounts
  • Verify all payment changes via a known telephone number or in-person

And for hosted email admins:

  • Prohibit automatic forwarding of email to external addresses
  • Add an email banner to messages coming from outside your organization
  • Ensure mailbox logon and settings changes are logged and retained for at least 90 days
  • Enable alerts for suspicious activity such as foreign logins
  • Enable security features that block malicious email such as anti-phishing and anti-spoofing policies
  • Configure Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC) to prevent spoofing and to validate email

The FBI also recommends prohibiting legacy protocols that can be used to circumvent multi-factor authentication, although this needs to be done with care as some older applications might still depend on these.

New Android Malware Poses as Security Update to Take Control of Devices

The malware can record calls, take photos, and perform a variety of invasive actions.

Before you approve what appears to be a new Android update, you may want to verify that you’re installing the real thing.

According to mobile security firm Zimperium zLabs, a new form of malware disguised as a system update is making the rounds on Android devices. Instead of actually upgrading users to a new version of the operating system, the malware commandeers the phone to take advantage of several functions. It lets bad actors record audio, phone calls, take photos, access messages within third-party messengers like WhatsApp, and even search for specific file types present on the phone.

This invasive “app” is considered a “sophisticated spyware campaign with complex capabilities,” according to zLabs researchers. After installation, the device becomes registered with the Firebase Command and Control (C&C) and reports information about WhatsApp, storage information, the internet connection, and a swath of other details.

Triggering the spyware comes in different ways: installing a new app, receiving a text, or even adding a new contact. From there, call recording can begin if calls are made or received. Messages can be logged. It’s a whole suite of bad news, especially when users have no idea it’s all taking place.

SG TCP Optimizer – Improve Your Network Connection – Free

The TCP Optimizer is a free, easy Windows program that provides an intuitive interface for tuning and optimizing your Internet connection. There is no installation required, just download and run as administrator.

The program can aid both the novice and the advanced user in tweaking related TCP/IP parameters in Windows, making it easy to tune your system to the type of Internet connection used. The tool uses advanced algorithms, and the bandwidth*delay product to find the best TCP Window for your specific connection speed. It provides for easy tuning of all related TCP/IP parameters, such as MTU, RWIN, and even advanced ones like QoS and ToS/Diffserv prioritization. The program works with all current versions of Windows, and includes additional tools, such as testing average latency over multiple hosts, and finding the largest possible packet size (MTU).

For information and download:


Universal Patient Identifier

A unique patient identifier (UPI) is a method for standardizing patient identification. Individuals are assigned a unique code, and that code, rather than a Social Security Number, name, or address, is what is used by healthcare organizations to identify and manage patient information. A standardized code like this not only protects sensitive health information but supports the exchange of data between healthcare organizations and states as it is a number and format easily read and recognized by all.

While a UPI has yet to be nationally recognized and implemented, a foundation has certainly been made and the industry is perfectly poised to move forward.

How a unique patient identifier is used in healthcare

The UPI helps healthcare organizations link the right records together, preventing duplicate records from being created. There are many ways duplicate accounts or variances can occur: address differences, name variations, maiden names and even user entry error.

With UPIs, providers and payers can link records together and have one complete record and view of the patient or member, ultimately leading to a better experience and increased patient safety. Without reliable records, patient safety takes a hit. Misidentification can contribute to incorrect treatments and adverse medication interactions that have had life-altering or fatal consequences.

The UPI’s ability to achieve accurate record match rates for every patient and member also improves efficient, patient-centered care coordination, as well as population health management strategies, prescription drug monitoring programs (PDMPs), social determinants of health and more.

For more information