The Business & Technology Network
Helping Business Interpret and Use Technology

Understanding the Shifting Anatomy of Next-Generation BEC Attacks

DATE POSTED: December 6, 2024

Technology begets opportunity, for both successful companies and fraudsters.

And today’s rising tide of cybercrime has unveiled a new frontier of fraud, one where malicious entities and cybercriminals are focused on exploiting the building blocks of digital identity—domain names, hosting services and financial supply chains. Among these threats, business email compromise (BEC) attacks have evolved with a level of sophistication that is reshaping how companies must defend themselves.

Traditional BEC scams often relied on impersonating high-ranking executives or key suppliers. A simple email requesting a wire transfer might have been enough to dupe unsuspecting employees. However, the modern iteration is far more nuanced and multilayered, as phishing attempts get a shot in the arm from the democratization of advanced technologies like artificial intelligence (AI).

Cybercriminals are now exploiting the sprawling digital supply chains that underpin businesses. Using tools powered by AI, they scrape publicly available data from platforms like LinkedIn, company websites and social media to craft highly tailored phishing lures. Against this backdrop, a striking pattern has emerged: much of this growth in corporate phishing attempts is concentrated on domains registered under newer generic top-level domains (gTLDs) such as .shop, .top, .xyz, and the like.

These domains, while legitimate, have become fertile ground for cybercriminals to launch increasingly convincing attacks targeting corporate wallets and reputations.

But with the news Thursday (Dec. 5) that Socure says it has reached a milestone in its collaborative, data-sharing effort to combat fraud, security-minded enterprises are embracing a proactive, rather than reactive, stance to protecting their cyber perimeter.

The Financial Supply Chain Under Siege

The rise of gTLDs was meant to democratize the internet by providing more naming options beyond traditional extensions like .com or .org. However, the lower cost and easier registration process for many gTLDs have also made them attractive to cybercriminals.

Registering a domain under a gTLD like .top can be significantly cheaper than registering one under a traditional extension, allowing attackers to set up multiple fraudulent sites, while automation tools let cybercriminals purchase and configure domains en masse, launching scams at scale. At the same time, with AI-powered domain generation algorithms, criminals can create hundreds of unique domain variations to evade detection.
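A mail-gateway check for the pattern described above, as an added example that is not part of the original article: it flags sender domains whose name sits within a small edit distance of a known supplier, and separately marks unfamiliar senders on the gTLDs the article names. The supplier allowlist, the sample addresses and all function names are constructed for illustration, and the registrable domain is assumed to be the last two labels (no multi-label suffixes such as .co.uk).

```python
# Added example: constructed data, not from the article or any vendor product.
WATCHED_GTLDS = {"shop", "top", "xyz"}  # gTLDs named in the article
KNOWN_SUPPLIERS = {"acme-logistics.com", "northwind-supply.org"}  # constructed


def registrable(domain):
    """Return (label, tld) from the last two labels of a domain (assumption)."""
    parts = domain.lower().rstrip(".").split(".")
    if len(parts) < 2:
        return parts[0], ""
    return parts[-2], parts[-1]


def edit_distance(a, b):
    """Levenshtein distance using two rolling rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def classify_sender(address, max_distance=2):
    """Return (verdict, imitated_supplier) for a sender address.

    known     - registrable domain is on the supplier allowlist
    lookalike - name is within max_distance edits of a supplier's name
    watch     - unrelated name, but on one of the watched gTLDs
    unknown   - none of the above
    """
    label, tld = registrable(address.rsplit("@", 1)[-1])
    if f"{label}.{tld}" in KNOWN_SUPPLIERS:
        return "known", None
    for supplier in sorted(KNOWN_SUPPLIERS):
        supplier_label, _ = registrable(supplier)
        if edit_distance(label, supplier_label) <= max_distance:
            return "lookalike", supplier
    if tld in WATCHED_GTLDS:
        return "watch", None
    return "unknown", None
```

A "lookalike" verdict on a message that touches payment details is the case to hold for out-of-band confirmation with the supplier; "watch" alone is a weak signal, since these gTLDs also host legitimate businesses.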

Criminals often rely on the time it takes for investigators, registrars or hosting providers to act. They maximize the damage during this window by sending more phishing emails, redirecting victims or executing fraudulent transactions.

“Fraudsters … are adept at hacking email servers and manipulating employees into granting them access,” nsKnox COO Nithai Barzam told PYMNTS in an interview. “Once they are in, they can easily mislead accounts payable (AP) and accounts receivable (AR) staff. To put it in simple terms: Today, it’s just too easy to target corporate payments. Therefore, organizations must protect all payment types using technology-driven validation of payee and account details while making sure all payment-related data and files are protected in a way that they cannot be tampered with.”

The fight against BEC and domain-based fraud increasingly requires a holistic approach, integrating technology, processes and employee training. Many of the risk management leaders PYMNTS has spoken to have emphasized that the first line of defense is an organization’s own employees, making individual education around attack tactics, and the best practice methods to combat them, more important than ever.

Cyber Resilience Is no Longer a Choice — It’s a Necessity

The domain name dilemma is just one facet of an increasingly complex fraud landscape. Advances in AI, machine learning and cyber defense tools are critical, but businesses must remember that technology alone isn’t enough.

BEC attackers rely on a mix of human psychology and systemic vulnerabilities. Building a culture of vigilance, coupled with robust technical defenses, is the only way to stay one step ahead in this cat-and-mouse game.

“The barrier for entry has never been lower for threat actors,” Sunil Mallik, chief information security officer at Discover Global Network, told PYMNTS.

As the digital economy continues to grow, so too will the ingenuity of fraudsters. The question isn’t whether businesses will be targeted but how prepared they are to mitigate the inevitable.

The post Understanding the Shifting Anatomy of Next-Generation BEC Attacks appeared first on PYMNTS.com.