BEC Defender: QR Code-Based Methodology for Prevention of Business Email Compromise (BEC) Attacks-Reference-Cited by-同舟云学术

BEC Defender: QR Code-Based Methodology for Prevention of Business Email Compromise (BEC) Attacks

Published:2024-03-05 Issue:5 Volume:24 Page:1676
ISSN:1424-8220
Container-title:Sensors
language:en
Short-container-title:Sensors

Author:

Papathanasiou Anastasios¹²,Liontos George³^ORCID,Paparis Georgios⁴,Liagkou Vasiliki²^ORCID,Glavas Euripides²^ORCID

Affiliation:

1. Cyber Crime Division, Hellenic Police, 173 Alexandras Avenue, 11522 Athens, Greece

2. Department of Informatics and Telecommunications, University of Ioannina, Kostaki Artas, 47150 Arta, Greece

3. Department of Materials Science and Engineering, University of Ioannina, 45110 Ioannina, Greece

4. Independent Researcher, 10678 Athens, Greece

Abstract

In an era of ever-evolving and increasingly sophisticated cyber threats, protecting sensitive information from cyberattacks such as business email compromise (BEC) attacks has become a top priority for individuals and enterprises. Existing methods used to counteract the risks linked to BEC attacks frequently prove ineffective because of the continuous development and evolution of these malicious schemes. This research introduces a novel methodology for safeguarding against BEC attacks called the BEC Defender. The methodology implemented in this paper augments the authentication mechanisms within business emails by employing a multi-layered validation process, which includes a MAC address as an identity token, QR code generation, and the integration of timestamps as unique identifiers. The BEC-Defender algorithm was implemented and evaluated in a laboratory environment, exhibiting promising results against BEC attacks by adding an extra layer of authentication.

Funder

mmersive Virtual, Augmented and Mixed Reality Center of Epirus

Competitiveness, Entrepreneurship and Innovation

European Regional Development Fund

Publisher

MDPI AG

Link

https://www.mdpi.com/1424-8220/24/5/1676/pdf

Reference57 articles.

1. (2023, November 01). Oberlo. Available online: https://www.oberlo.com/statistics/how-many-emails-are-sent-per-day.

2. The not yet exploited goldmine of OSINT: Opportunities, open challenges and future trends;Nespoli;IEEE Access,2020

3. Business email compromise (BEC) attacks;Humayun;Mater. Today Proc.,2021

4. Exploiting trust for financial gain: An overview of business email compromise (BEC) fraud;Cross;J. Financ. Crime,2020

5. FBI (2023, April 25). Internet Crime Report, Available online: https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf.