BEC Attacks

Chris Swagler | January 31st, 2024


Threat actors are finding new ways to bypass multi-factor authentication (MFA) measures, putting law firms at risk of business email compromise or BEC attacks. According to a cybersecurity risk consultancy company, legal companies have been increasingly targeted in recent months by cybercriminal groups specializing in BEC campaigns. The cybersecurity company discovered numerous major advances in recent BEC incidents targeting law firms in addition to recognizing novel MFA evasion methods. The advances include new strategies for delivering phishing emails while remaining unnoticed. The United Kingdom National Cyber Security Centre (NCSC) issued a report warning that law firms are increasingly vulnerable to cyber threats. In the Cyber Threat Report: The United Kingdom Legal Sector, the report reads that cyber criminals, nation states, breaching groups, and threat insiders pose specific risks to law firms that regularly handle highly sensitive information and large funds, and rely on external IT service providers.

Threat Actors Targeting Law Firms with New BEC Tactics

Threat actors have discovered methods to bypass multi-factor authentication, including stealing session cookies and employing advanced phishing techniques, according to the cybersecurity company. The threat actors are pursuing persistent access, which means that a single breach of MFA enables long-term access. Additionally, the threat actors are employing new ways for modifying IP addresses and geolocation data to avoid being detected after breaching law firms’ mailboxes. In terms of phishing improvements, the law firms stated that emails are becoming more complex, making them more difficult to identify as fakes. Along with traditional email attacks. threat actors are targeting more remote-working platforms, including Microsoft Teams, and employing QR codes. The cybersecurity company warns that the consequences of successful BEC attacks include not just reputational damage and financial loss, but also heightened regulatory scrutiny and implications on insurance and professional indemnity premiums upon renewal.

Law Firms in Crosshairs of BEC Attacks

According to a global head of cybersecurity services at a cybersecurity company, law firms are increasingly becoming targets of BEC attacks. The cybercriminals’ ability to bypass MFA and avoid detection is concerning. It serves as a clear warning that traditional defense tactics aren’t enough, and adaptation is essential. The cybersecurity director at the cybersecurity company stated that the surge in targeted email compromise attacks against law firms is a major concern for the legal industry. The threat actors’ evolving tactics, ranging from session cookie theft to more convincing phishing, are putting traditional defenses to the test. To protect their clients, reputation, and bottom line, law firms must emphasize the importance of advanced security measures, detection, and cyber resilience.

With more threat actors utilizing new advanced tactics and techniques, like bypassing MFA, to target numerous industries, including law firms, companies must remain alert to the current threat landscape and educate their employees to detect potential phishing scams and other cyberattacks. Phishing attacks are the most common methods threat actors use to harvest legitimate credentials. SpearTip offers phishing training as mitigation to enhance skills related to defending against these threats. The training tests the discernment of the teams within companies, educates employees regarding common phishing tactics and indicators, and identifies related security gaps in their environment. Our team creates phishing email simulations like those threat actors use and sends them throughout the organization. We provide insight and feedback to improve the cyber defenses of the companies’ teams, leading to a profound decrease in the likelihood of being victimized by phishing scams. After the training, our team provides precise and thorough strategies about how to harden their environment and implement ongoing awareness training.

If your company is experiencing a breach, call our Security Operations Center at 833.997.7327 to speak directly with an engineer.


Connect With Us

Featured Articles

DNS Tunneling
DNS Tunneling: New Tactic To Scan Networks and Track Victims
10 June 2024
Mastermind Behind LockBit Ransomware
Mastermind Behind LockBit Ransomware Unveiled and Charged
07 June 2024
Unchecked User Privileges
Unchecked User Privileges: How to Counter
03 June 2024
Cloud Migration
Cloud Migration Impact on Network Security
28 May 2024

See ShadowSpear in Action

Identify, neutralize, and counter cyberattacks - provide confidence in your security posture

Frequently Asked Questions

What specific measures can law firms take to enhance their security and protect against BEC attacks?

Law firms can take various measures to enhance their security and protect against BEC attacks. Some of these measures include conducting regular security training for employees, implementing strict access controls, enabling email filters and spam blockers, setting up strong passwords, and investing in advanced security tools like endpoint detection and response (EDR) solutions.

How are threat actors able to bypass multi-factor authentication (MFA) systems, and what steps can be taken to strengthen MFA defenses against such attacks?

Threat actors are using social engineering tactics and phishing emails to trick employees into providing their login credentials. To strengthen MFA defenses against such attacks, law firms can consider implementing additional security measures like biometric authentication, behavioral analytics, and adaptive authentication. They can also provide regular training to employees on how to identify and avoid phishing attacks.

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.