Get full access to Learn Social Engineering and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

Defending against BEC

While these attacks often involve some intelligence gathering on the part of the attacker, who needs to identify information such as the business legal name and address, the names of company officers and employees in accounts payable, the structure of company email addresses within the company, and so forth—this information can often be found from various public sources. Company websites and social media pages readily divulge this type of information, and searching Facebook, Twitter, and LinkedIn for employees social media accounts, especially those of executives, can help refine targeting.

The attackers may even send messages to sales, marketing, and public relations departments to get replies from which they can copy ...

Get Learn Social Engineering now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Start your free trial Become a member now