{"id":7936,"date":"2020-03-19T15:34:36","date_gmt":"2020-03-19T12:34:36","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=7936"},"modified":"2020-03-19T15:34:36","modified_gmt":"2020-03-19T12:34:36","slug":"what-is-bec-attack","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/what-is-bec-attack\/7936\/","title":{"rendered":"How to deal with BEC attacks"},"content":{"rendered":"<p>Cybercriminals are constantly looking for new ways to attack companies. Over the past few years, they have increasingly resorted to business e-mail compromise (BEC) attacks, which target corporate correspondence.<\/p>\n<p>The US Internet Crime Complaint Center (IC3) <a href=\"https:\/\/pdf.ic3.gov\/2019_IC3Report.pdf\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">reported that 23,775 such incidents were reported to the FBI in 2019 alone<\/a>; that is an increase of 3500 incidents since 2018, and a rise in losses from 1.2 billion USD to 1.7 billion USD.<\/p>\n<h2>What is a BEC attack?<\/h2>\n<p>A BEC attack is defined as a cybercriminal attack that targets an employee by:<\/p>\n<ol>\n<li>Starting an e-mail exchange with a company employee, or taking over an existing company e-mail account;<\/li>\n<li>Gaining the employee's trust;<\/li>\n<li>Encouraging actions that are harmful to the interests of the company or its customers.<\/li>\n<\/ol>\n
<p>The actions usually involve transferring money to the criminals' accounts or sending confidential files, but that is not always the case. For example, our experts recently encountered a request that appeared to come from a company's CEO and contained instructions to send gift card codes in text messages to certain phone numbers.<\/p>\n<p>Although BEC attempts often use phishing-style tricks, this attack combined some technological expertise with some social engineering. The techniques used were also distinctive: the messages contained no malicious links or attachments, but the attackers tried to convince the mail client, and therefore the recipient, that the e-mail was genuine. Social engineering played the lead role.<\/p>\n<p>Typically, data about the victim was carefully collected before the attack; the perpetrator then used it to gain the victim's trust. The correspondence could consist of just two or three messages, or it could last several months.<\/p>\n<p>Besides this example, multistage BEC attacks that combine various scenarios and technologies are also worth mentioning. 
For example, cybercriminals can first steal an ordinary employee's credentials using spear phishing and then launch an attack against a senior employee of the company.<\/p>\n<h2>Common BEC attack scenarios<\/h2>\n<p>There are already quite a lot of BEC attack scenarios, and cybercriminals keep inventing new ones. According to our observations, most cases fall into one of four attack types:<\/p>\n<ul>\n<li><strong>Fake outside party.<\/strong> The attackers impersonate a representative of an organization that the recipient's company works with. Sometimes this is a representative of a real company that the victim's firm actually does business with. In other cases, the cybercriminals try to fool gullible and inattentive victims by pretending to represent a fake company.<\/li>\n<li><strong>Instructions from the boss.<\/strong> Here, the cybercriminals use technical tricks or social engineering to create a fake message in the name of a (usually high-ranking) manager.<\/li>\n<li><strong>A message from a lawyer.<\/strong> The scammers request funds or sensitive information from a high-ranking employee (sometimes even the CEO), urgently and above all confidentially. They often impersonate a contractor such as an external accountant, supplier, or logistics company. 
However, because most situations that require an urgent and confidential response are legal in nature, the messages are usually sent in the name of a lawyer or law firm.<\/li>\n<li><strong>E-mail hijacking.<\/strong> The intruder gains access to an employee's mail and either issues an instruction to transfer money or send data, or starts a correspondence with people authorized to do so. This option is especially dangerous because the attacker can also view the messages in the outbox and so can easily imitate the employee's communication style.<\/li>\n<\/ul>\n<h2>BEC attack techniques<\/h2>\n<p>BEC attacks are also evolving technologically. In 2013 they used the hijacked e-mail accounts of CEOs or CFOs; today they rely more on methods based on successfully impersonating someone else through a combination of technical tricks, social engineering, and the victim's inattention. Here are the main technical tricks they use:<\/p>\n<ul>\n<li><strong>E-mail sender spoofing<\/strong>. The scammer uses forged mail headers. As a result, for example, a message sent from phisher@email.com may appear in the victim's inbox to come from CEO@sirketiniz.com. This method has many variations, and different headers can be changed in various ways. 
The main danger of this attack method is that it is not only attackers who manipulate message headers; legitimate senders can also do so for various reasons.<\/li>\n<li><strong>Lookalike domains.<\/strong> The cybercriminal registers a domain name that closely resembles the victim's, for example examp1e.com instead of example.com. Messages are then sent from CEO@examp1e.com in the hope that an inattentive employee will fail to spot the fake domain. The difficulty here is that the attacker really does own the fake domain, so the sender information will pass all traditional security checks.<\/li>\n<li><strong>E-mail exploits.<\/strong> New vulnerabilities can always be found in e-mail clients. They can sometimes be used to force the client to display a false name or sender address. Fortunately, such vulnerabilities quickly come to the attention of information security companies, allowing security solutions to track their use and prevent attacks.<\/li>\n<li><strong>E-mail hijacking<\/strong>. The attackers gain full access to a mail account, after which they can send messages that are almost indistinguishable from genuine ones. 
The only way to protect against this type of attack automatically is to use machine-learning tools to determine the authorship of e-mails.<\/li>\n<\/ul>\n<h2>Cases we have encountered<\/h2>\n<p>We respect our customers' confidentiality, so the following are not real messages, only examples that illustrate some common BEC possibilities.<\/p>\n<h3>False name<\/h3>\n<p>The attacker tries to establish contact with a potential victim by posing as their boss. So that the recipient does not try to contact the real senior officer, the scammer stresses both the urgency of the request and that the boss cannot be reached through other communication channels:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-7939\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2020\/03\/19140206\/what-is-BEC-attack-Example-1.png\" alt=\"\" width=\"588\" height=\"343\"><\/p>\n<p>If you look closely, you can see that the sender's name (Bob) does not match the real e-mail address (not_bob@gmail.com). In this case, the attacker fakes only the name that is displayed when the message is opened. 
This type of attack is effective on mobile devices, which by default display only the sender's name, not the address.<\/p>\n<h3>Fake address<\/h3>\n<p>Looking for an employee in accounting who is authorized to change banking details, the cybercriminal writes:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-7942\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2020\/03\/19140452\/what-is-BEC-attack-Example2.jpg\" alt=\"\" width=\"839\" height=\"227\"><\/p>\n<p>Here, the message header is altered so that the client displays both the name and the e-mail address of the legitimate employee, but the attacker's e-mail is given as the reply-to address. As a result, replies to this message go to not_bob@gmail.com. Many clients hide the reply-to field by default, so the message looks genuine even on close inspection. 
In theory, an attack using such a message can be stopped by correctly configuring SPF, DKIM, and DMARC on the corporate mail server.<\/p>\n<h3>Ghost spoofing<\/h3>\n<p>The attacker, posing as a manager, convinces the employee of the need to cooperate with a fake lawyer, who will be in touch with the employee shortly:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-7943\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2020\/03\/19140531\/what-is-BEC-attack-Example-3-EN.jpg\" alt=\"\" width=\"680\" height=\"312\"><\/p>\n<p>Here, the sender field contains not only the name but also the spoofed e-mail address. Although this trick does not use the most advanced techniques, many people fall for it, especially if the real address is not displayed on the recipient's screen (for example, simply because it is too long).<\/p>\n<h3>Lookalike domain<\/h3>\n<p>Another cybercriminal tries to start an e-mail exchange with a company employee:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-7944\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2020\/03\/19140609\/what-is-BEC-attack-Example-4.jpg\" alt=\"\" width=\"722\" height=\"167\"><\/p>\n<p>This is an example of the lookalike domain method mentioned above. 
The scammer first obtains a domain name similar to the trusted one (in this case, examp1e.com instead of example.com) and hopes the recipient will not notice the difference.<\/p>\n<h2>High-profile BEC attacks<\/h2>\n<p>Many recent news reports have drawn attention to BEC attacks that caused serious damage to companies of various shapes and sizes. Here are some of the most interesting:<\/p>\n<ul>\n<li>A cybercriminal created a domain imitating that of a Taiwanese electronics manufacturer and then used it for two years to send invoices to large companies (<a href=\"https:\/\/www.theregister.co.uk\/2019\/03\/21\/facebook_google_scam\/\" target=\"_blank\" rel=\"noopener nofollow\">including Facebook and Google<\/a>), earning 120 million dollars in the process.<\/li>\n<li>Cybercriminals impersonating a construction company persuaded South Oregon University <a href=\"https:\/\/www.ibtimes.com\/fradulent-email-business-email-compromise-attack-costs-southern-oregon-university-2m-2551724\" target=\"_blank\" rel=\"noopener nofollow\">to transfer approximately 2 million dollars to fake accounts<\/a>.<\/li>\n<li>Some scammers interfered in the correspondence between two soccer clubs using a domain that contained the name of one of them but had a different domain extension. The two clubs, Boca Juniors and Paris Saint-Germain, were discussing the transfer of a player and the commission agreement. 
As a result, almost <a href=\"https:\/\/www.kaspersky.com\/blog\/boca-juniors-case\/27107\/\" target=\"_blank\" rel=\"noopener nofollow\">520,000 EUR went to various fraudulent accounts in Mexico<\/a>.<\/li>\n<li>Toyota's European arm <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/bec-toyota\/6467\/\" target=\"_blank\" rel=\"noopener\">lost more than 37 million dollars<\/a> to cybercriminals as the result of a fake bank transfer instruction that an employee carried out believing it to be genuine.<\/li>\n<\/ul>\n<h2>How to handle BEC attacks<\/h2>\n<p>Cybercriminals use a wide variety of technical tricks and social engineering methods to gain trust and commit fraud. Nevertheless, taking a set of effective measures can minimize the threat from BEC attacks:<\/p>\n<ul>\n<li>Set up SPF, use DKIM signatures, and implement a DMARC policy to protect against fake internal correspondence. In theory, these measures also allow other companies to authenticate e-mails sent in your organization's name (assuming, of course, that those companies also have these technologies in place). This method <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/36c3-fake-emails\/7644\/\" target=\"_blank\" rel=\"noopener\">can fall short in some cases<\/a> (for example, it cannot prevent ghost spoofing or lookalike domains), but the more companies that use SPF, DKIM, and DMARC, the less room cybercriminals have to maneuver. 
Using these technologies contributes to a kind of herd immunity against many types of malicious operations involving e-mail headers.<\/li>\n<li>Train employees periodically to counter social engineering. A <a href=\"https:\/\/k-asap.com\/en\/\" target=\"_blank\" rel=\"noopener\">combination of workshops and simulations<\/a> can train employees to stay alert and to spot BEC attacks that get through other layers of defense.<\/li>\n<li>Use a <a href=\"https:\/\/kas.pr\/kdkesbtr\" target=\"_blank\" rel=\"noopener\">security solution<\/a> that <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/microsoft-office-365-security\" target=\"_blank\" rel=\"noopener\">specializes in anti-BEC technologies<\/a> to defeat most of the attack vectors described in this post.<\/li>\n<\/ul>\n<p>Kaspersky solutions with content filtering, created specially in our lab, already detect many types of BEC attacks. Our experts are continuously developing technologies to provide further protection against the most advanced and sophisticated scams.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial-leadgen\">\n","protected":false},"excerpt":{"rendered":"<p>Companies around the world regularly fall victim to business e-mail compromise (BEC) attacks. 
In this post, we explain this danger and how to minimize it.<\/p>\n","protected":false},"author":2569,"featured_media":7937,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[2019,1921,1074],"class_list":{"0":"post-7936","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-bec","10":"tag-e-posta","11":"tag-kimlik-avi"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/what-is-bec-attack\/7936\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/what-is-bec-attack\/19587\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/what-is-bec-attack\/16127\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/what-is-bec-attack\/21158\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/what-is-bec-attack\/19421\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/what-is-bec-attack\/17937\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/what-is-bec-attack\/22178\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/what-is-bec-attack\/20990\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/what-is-bec-attack\/27623\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/what-is-bec-attack\/34135\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/what-is-bec-attack\/14811\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/what-is-bec-attack\/13181\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/what-is-bec-attack\/23416\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/what-is-bec-attack\/27902\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/what-is-bec-attack\/25144\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\
/what-is-bec-attack\/21831\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/what-is-bec-attack\/27040\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/what-is-bec-attack\/26879\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/bec\/","name":"BEC"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/7936","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2569"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=7936"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/7936\/revisions"}],"predecessor-version":[{"id":7946,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/7936\/revisions\/7946"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/7937"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=7936"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=7936"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=7936"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}