Socially engineered messages are messages that “appear legitimate and from a trustworthy source” sent by a malicious entity to direct users into performing specific actions such as opening an attachment, visiting a website, revealing account credentials, providing sensitive information, or transferring money. Socially engineered messages are likely to be work-related, infer a sense of urgency, or target a specific interest of users. They may also appear to come from someone known to users, such as a colleague, senior manager, or authoritative part of their organization (e.g., the information technology, human resources, or finance areas).

The one answer is – Anyone and everyone

• Users
• high profile individuals
• senior managers and their staff
• system administrators
• staff members from human resources, sales, marketing, finance, and legal areas.
• Contractors, suppliers, etc.

If you suspect that you have received a socially engineered message, do not delete or forward it. Contact your organization’s information technology help desk or security team and seek advice on how to proceed.

Security information and event management (SIEM)collect and aggregate logs from all IT infrastructure in one place and analyze them against the Use Cases to detect malicious activities.
Security Operation Centre (SOC)provides 24×7 monitoring of the environment leveraging SIEM solution where analysts triage each security alert for potential False Positive & True Positive.

A business email compromise is when criminals use email to abuse trust in business processes to scam organizations out of money or goods. Criminals can impersonate business representatives using similar names, domains, and/or fraudulent logos as legitimate organizations, using compromised email accounts, and pretending to be trusted co-workers. Common scams associated with business email compromise include; Invoice fraud, Employee impersonation, and Company impersonation.