{"id":5155,"date":"2019-10-18T16:49:00","date_gmt":"2019-10-18T13:49:00","guid":{"rendered":"https:\/\/spcsb.md\/?p=5155"},"modified":"2025-09-26T16:50:35","modified_gmt":"2025-09-26T13:50:35","slug":"interpol-a-lansat-campania-globala-business-e-mail-compromise","status":"publish","type":"post","link":"https:\/\/spcsb.md\/en\/interpol-a-lansat-campania-globala-business-e-mail-compromise\/","title":{"rendered":"INTERPOL a lansat campania global\u0103 \u201dBusiness E-mail Compromise\u201d"},"content":{"rendered":"

Prin campania global\u0103 lansat\u0103 \u201dBEC\u201d, INTERPOL aten\u021bioneaz\u0103 asupra posibilit\u0103\u021bilor de fraude informatice prin intermediul po\u0219tei electronice. Astfel, \u00een acest scop, infractorii acceseaz\u0103 \u00een mod neautorizat conturile de e-mail ale unor societ\u0103\u021bi comerciale din str\u0103in\u0103tate, monitorizarea coresponden\u021bei angaja\u021bilor societ\u0103\u021bii respective \u0219i simularea coresponden\u021bei reale pe care ace\u0219tia o poart\u0103 cu societatea partener\u0103 de afaceri, prin intermediul unei adrese de e-mail asem\u0103n\u0103toare sau identice. Aceast\u0103 activitate are drept scop deturnarea transferului de bani c\u0103tre un cont bancar diferit fa\u021b\u0103 de cel al beneficiarului legitim, contul bancar fiind controlat de c\u0103tre membrii grup\u0103rii infrac\u021bionale.<\/p>\n

Frauda \u0163inte\u015fte societ\u0103\u0163ile comerciale care lucreaz\u0103 cu furnizori sau clien\u0163i str\u0103ini (activit\u0103\u0163i de comer\u0163 exterior) \u015fi fac cu regularitate pl\u0103\u0163i prin transfer bancar.<\/p>\n

Strategii de protec\u0163ie \u00eempotriva BEC: <\/strong><\/p>\n

– evita\u0163i utilizarea conturilor de e-mail web-based (yahoo, hotmail, gmail etc) pentru activitatea societ\u0103\u0163ii comerciale. Recomandabil\u0103 este utilizarea unor conturi de e-mail dintr-un domeniu propriu.<\/p>\n

– fi\u0163i suspicio\u015fi cu privire la mesajele \u00een care se solicit\u0103 efectuarea unor opera\u0163iuni \u00een secret sau a unor opera\u0163iuni rapide c\u0103tre destinatari incer\u0163i sau neverifica\u0163i.<\/p>\n

– ave\u0163i \u00een vedere crearea unor proceduri minimale de audit IT \u015fi de securitate referitoare la pl\u0103\u0163i, \u00een sensul implement\u0103rii unei verific\u0103ri \u00een minim doi pa\u015fi.<\/p>\n

– stabili\u0163i o comunicare alternativ\u0103, cum ar fi cea telefonic\u0103 cu furnizorul sau clientul str\u0103in pentru a valida orice schimbare a practicii comerciale statuate, pentru a elimina posibilitatea hackerului de a intercepta o eventual\u0103 comunica\u0163ie.<\/p>\n

– utilizarea de semn\u0103turi digitale sau a cript\u0103rii mesajelor \u00eentre p\u0103r\u0163ile implicate \u00een activitatea comercial\u0103.<\/p>\n

– raportarea \u015fi nedeschiderea mesajelor nesolicitate sau de tip SPAM, acestea put\u00e2nd con\u0163ine malware.<\/p>\n

– nu utiliza\u0163i func\u0163ia \u201eReply\u201d pentru a r\u0103spunde \u00een coresponden\u0163a de serviciu. Folosi\u0163i func\u0163ia \u201eForward\u201d \u015fi scrie\u0163i manual sau selecta\u0163i din agend\u0103 adresa de e-mail unde dori\u0163i s\u0103 transmite\u0163i mesajul.<\/p>\n

Recomandare general\u0103 de preven\u0163ie:<\/strong><\/p>\n

– fi\u0163i precau\u0163i la schimbarea subit\u0103 a unor practici comerciale stabilite anterior, \u00een special a conturilor de e-mail sau conturilor bancare \u015fi a valutelor \u00een care se fac pl\u0103\u0163ile, precum \u015fi \u0163\u0103rii \u00een care sunt deschise conturile.<\/p>\n

-verifica\u0163i \u015fi telefonic la furnizor sau client, la un num\u0103r de telefon de\u0163inut anterior \u015fi verificat, dac\u0103 modific\u0103rile solicitate prin e-mail sunt reale.<\/p>\n

Frauda are trei componente principale: <\/strong>componenta de Social Engineering \u2013 prin care se str\u00e2ng date istorice online referitoare la societ\u0103\u0163ile \u0163intite (sediu social, persoane din management, CUI, cont bancar, adrese de po\u015ft\u0103 electronic\u0103, portofoliu de clien\u0163i, eventuale documente accesibile online ce prezint\u0103 elemente de identificare ale societ\u0103\u0163ii comerciale ce pot fi utilizate pentru a crea aparen\u0163a de legitimitate), componenta de intruziune\/compromitere a adresei de po\u015ft\u0103 electronic\u0103.(EAC \u2013 Email Account Compromise.) \u015fi deschiderea unui cont cu acte false \u00een str\u0103in\u0103tate, pe numele furnizorului sau clientului str\u0103in.<\/p>","protected":false},"excerpt":{"rendered":"

Prin campania global\u0103 lansat\u0103 \u201dBEC\u201d, INTERPOL aten\u021bioneaz\u0103 asupra posibilit\u0103\u021bilor de fraude informatice prin intermediul po\u0219tei electronice. Astfel, \u00een acest scop, infractorii acceseaz\u0103 \u00een mod neautorizat conturile de e-mail ale unor societ\u0103\u021bi comerciale din str\u0103in\u0103tate, monitorizarea coresponden\u021bei angaja\u021bilor societ\u0103\u021bii respective \u0219i…<\/p>","protected":false},"author":7,"featured_media":5083,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_themeisle_gutenberg_block_has_review":false,"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","slim_seo":{"title":"INTERPOL a lansat campania global\u0103 \u201dBusiness E-mail Compromise\u201d - Serviciul Prevenirea \u015fi Combaterea Sp\u0103l\u0103rii Banilor","description":"Prin campania global\u0103 lansat\u0103 \u201dBEC\u201d, INTERPOL aten\u021bioneaz\u0103 asupra posibilit\u0103\u021bilor de fraude informatice prin intermediul po\u0219tei electronice. Astfel, \u00een acest sc"},"footnotes":""},"categories":[4],"tags":[],"class_list":["post-5155","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-comunicate"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/posts\/5155","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/comments?post=5155"}],"version-history":[{"count":1,"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/posts\/5155\/revisions"}],"predecessor-version":[{"id":5156,"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/posts\/5155\/revisions\/5156"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/media\/5083"}],"wp:attachment":[{"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/media?parent=5155"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/categories?post=5155"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/spcsb.md\/en\/wp-json\/wp\/v2\/tags?post=5155"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}