{"id":2040,"date":"2022-01-26T18:24:17","date_gmt":"2022-01-26T15:24:17","guid":{"rendered":"https:\/\/uzmanposta.com\/blog\/?p=2040"},"modified":"2023-03-04T11:44:42","modified_gmt":"2023-03-04T08:44:42","slug":"bec","status":"publish","type":"post","link":"https:\/\/uzmanposta.com\/blog\/bec\/","title":{"rendered":"Business Email Compromise (BEC) Nedir? BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Engellenir?"},"content":{"rendered":"\n

Business email compromise (BEC)<\/strong> yani i\u015f e-posta g\u00fcvenli\u011fi<\/strong>, karma\u015f\u0131k bir siber su\u00e7tur. Bilgisayar korsanlar\u0131, me\u015fru g\u00f6r\u00fcnerek g\u00fcvenli\u011fi ihlal edilmi\u015f e-posta hesaplar\u0131ndan yararlan\u0131r ve e-posta al\u0131c\u0131lar\u0131n\u0131n kredi kart\u0131 ayr\u0131nt\u0131lar\u0131n\u0131, ticari s\u0131rlar\u0131n\u0131, hassas verilerini veya bilgilerini payla\u015fmas\u0131na veya para g\u00f6ndermelerine ikna i\u00e7in \u00e7al\u0131\u015f\u0131r. BEC doland\u0131r\u0131c\u0131l\u0131klar\u0131, veri h\u0131rs\u0131zl\u0131\u011f\u0131, olas\u0131 finansal kay\u0131plar ve zarar g\u00f6rm\u00fc\u015f marka imaj\u0131 gibi zorluklar yaratan k\u00fcresel i\u015fletmeler i\u00e7in artan bir endi\u015fe kayna\u011f\u0131d\u0131r.<\/p>\n\n\n\n

Business Email Compromise (BEC) Nedir?<\/h2>\n\n\n\n

E-posta yoluyla yap\u0131lan bir sald\u0131r\u0131 y\u00f6ntemi olan Business E-mail Compromise (BEC), genellikle yurt d\u0131\u015f\u0131 tedarik\u00e7ileri olan \u015firketleri hedef al\u0131r. Sald\u0131r\u0131, \u00fcst d\u00fczey y\u00f6neticilerin veya \u00e7al\u0131\u015fanlar\u0131n sosyal m\u00fchendislik sald\u0131r\u0131lar\u0131 sonucu e-posta hesaplar\u0131n\u0131n ele ge\u00e7irilmesi veya benzer e-posta hesaplar\u0131n\u0131n kullan\u0131larak onlar\u0131n ad\u0131na e-posta g\u00f6nderilmesi yoluyla ger\u00e7ekle\u015ftirilir.<\/p>\n\n\n\n

Business Email Compromise (BEC) Sald\u0131r\u0131 Teknikleri<\/h2>\n\n\n\n

BEC, bir\u00e7ok farkl\u0131 teknik kullanarak ger\u00e7ekle\u015ftirilebilir. Bunlar aras\u0131nda, sahte bir e-posta adresi kullanarak e-posta g\u00f6ndermek, bir tedarik\u00e7i hesab\u0131na eri\u015fmek ve doland\u0131r\u0131c\u0131l\u0131k amac\u0131yla para transferi yapmak gibi y\u00f6ntemler yer al\u0131r. Sald\u0131rganlar, tipik olarak bir \u00e7e\u015fit sosyal m\u00fchendislik tekni\u011fi kullanarak, \u015firketin \u00e7al\u0131\u015fanlar\u0131ndan birini kand\u0131rmaya \u00e7al\u0131\u015f\u0131rlar. Bu teknik, \u015firket i\u00e7inde bir yere sahip olan ki\u015filerin ad\u0131na yap\u0131lan e-postalar\u0131n daha ger\u00e7ek\u00e7i g\u00f6r\u00fcnmesini sa\u011flar.<\/p>\n\n\n\n

BEC sald\u0131r\u0131lar\u0131n\u0131n ba\u015far\u0131l\u0131 olabilmesi i\u00e7in, genellikle \u00e7ok say\u0131da farkl\u0131 fakt\u00f6r\u00fcn bir araya gelmesi gerekmektedir. Bunlar aras\u0131nda, y\u00f6neticilerin ve \u00e7al\u0131\u015fanlar\u0131n e-posta g\u00fcvenli\u011fi konusunda yeterince bilgili olmamalar\u0131, kurum i\u00e7i ileti\u015fim eksikli\u011fi, yeterli g\u00fcvenlik \u00f6nlemlerinin al\u0131nmamas\u0131, banka hesaplar\u0131na eri\u015fim bilgilerinin sald\u0131rganlar taraf\u0131ndan ele ge\u00e7irilmesi ve sahte belgelerin kullan\u0131lmas\u0131 yer al\u0131r.<\/p>\n\n\n\n

BEC sald\u0131r\u0131lar\u0131, \u015firketlerin itibar\u0131n\u0131 ve finansal durumunu ciddi \u015fekilde etkileyebilir. Doland\u0131r\u0131c\u0131l\u0131k sonucunda \u015firketler, b\u00fcy\u00fck maddi kay\u0131plar ya\u015fayabilirler ve hatta i\u015flerini kaybedebilirler. Bu nedenle, \u015firketlerin, \u00e7al\u0131\u015fanlar\u0131n\u0131n ve y\u00f6neticilerinin e-posta g\u00fcvenli\u011fi konusunda dikkatli olmas\u0131 ve yeterli \u00f6nlemleri almas\u0131 b\u00fcy\u00fck \u00f6nem ta\u015f\u0131yor.<\/p>\n\n\n\n

Business Email Compromise (BEC) Nas\u0131l \u00c7al\u0131\u015f\u0131r?<\/h2>\n\n\n\n

Standart siber g\u00fcvenlik ara\u00e7lar\u0131 kullan\u0131larak tespit edilebilecek k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m veya k\u00f6t\u00fc ama\u00e7l\u0131 URL’ler kullan\u0131lmad\u0131\u011f\u0131ndan BEC doland\u0131r\u0131c\u0131l\u0131klar\u0131n\u0131n izlenmesi zordur. Bunun yerine, e-posta al\u0131c\u0131lar\u0131n\u0131 kand\u0131rmak i\u00e7in geli\u015fmi\u015f kimlik av\u0131, sosyal m\u00fchendislik ve kimli\u011fe b\u00fcr\u00fcnme tekniklerine ve insan unsuruna \u00e7ok g\u00fcvenirler. Sald\u0131rganlar\u0131n bir BEC sald\u0131r\u0131s\u0131 ger\u00e7ekle\u015ftirmek i\u00e7in uygulayabilece\u011fi temel ad\u0131mlar a\u015fa\u011f\u0131daki gibidir:<\/p>\n\n\n\n

1. Ara\u015ft\u0131rma ve Hedefleme<\/h3>\n\n\n\n

Ba\u015far\u0131l\u0131 bir BEC doland\u0131r\u0131c\u0131l\u0131\u011f\u0131 y\u00fcr\u00fctmek i\u00e7in bilgisayar korsanlar\u0131, hedef i\u015fletme ve \u00e7al\u0131\u015fanlar\u0131 hakk\u0131nda ayr\u0131nt\u0131l\u0131 ara\u015ft\u0131rma ile i\u015fe ba\u015flar. Web sitelerinden, sosyal medya platformlar\u0131ndan ve di\u011fer halka a\u00e7\u0131k forumlardan, \u00e7al\u0131\u015fan ileti\u015fim bilgilerini ve \u015firket ayr\u0131nt\u0131lar\u0131n\u0131 \u00e7\u0131kar\u0131rlar. \u00c7o\u011fu BEC sald\u0131r\u0131s\u0131 genellikle CEO’lar, avukatlar veya \u015firket ad\u0131na \u00f6deme yapmaktan sorumlu finans departman\u0131 \u00e7al\u0131\u015fanlar\u0131 gibi \u00fcst d\u00fczey y\u00f6neticileri hedef al\u0131r.<\/p>\n\n\n\n

2. Sald\u0131r\u0131 Kurma<\/h3>\n\n\n\n

Hedef e-posta hesaplar\u0131 listesini sonland\u0131rd\u0131ktan sonra, bilgisayar korsanlar\u0131 toplanan bilgileri e-posta adreslerini yan\u0131ltmak, benzer alan ad\u0131lar\u0131 olu\u015fturmak veya bir i\u015fletmenin e-posta sistemini hacklemek i\u00e7in kullan\u0131r (kimlik av\u0131 tekniklerinden yararlanarak). Ba\u015far\u0131l\u0131 BEC sald\u0131r\u0131lar\u0131n\u0131 ger\u00e7ekle\u015ftirmenin alt\u0131nda yatan en \u00f6nemli fakt\u00f6r, e-posta al\u0131c\u0131lar\u0131n\u0131n g\u00fcvendi\u011fi payda\u015flar\u0131 taklit etmek veya kurban\u0131n e-posta g\u00f6ndermek i\u00e7in g\u00fcvendi\u011fi CEO’lar veya i\u015f arkada\u015flar\u0131 gibi \u00fcst d\u00fczey y\u00f6neticilerin e-posta hesaplar\u0131na eri\u015fim sa\u011flamakt\u0131r.<\/p>\n\n\n\n

3. E-posta G\u00f6nderme<\/h3>\n\n\n\n

Son olarak, i\u015f arkada\u015flar\u0131n\u0131, \u015firket avukatlar\u0131n\u0131 veya ortaklar\u0131n\u0131 taklit eden sald\u0131rganlar, \u015f\u00fcphelenmeyen \u00e7al\u0131\u015fanlara tan\u0131d\u0131k, ikna edici ve acil e-posta\u2019lar g\u00f6nderir. Bu t\u00fcr e-posta\u2019lar, ma\u011fdurlar\u0131 gizli bilgi sa\u011flamaya veya yasal olmayan \u00f6deme transferleri ba\u015flatmaya y\u00f6nlendirir. Bu t\u00fcr sald\u0131r\u0131lar\u0131n, ara\u015ft\u0131rma d\u00fczeyine ba\u011fl\u0131 olarak tek bir e-posta veya bir ileti dizisi olarak y\u00fcr\u00fct\u00fclebilece\u011fini bilmeniz \u00f6nemlidir.<\/p>\n\n\n\n

4. \u0130\u015fe Etkisi<\/h3>\n\n\n\n

Bilgisayar korsanlar\u0131 e-posta al\u0131c\u0131s\u0131n\u0131n g\u00fcvenini kazand\u0131ktan sonra, kurbanlar\u0131 gizli verileri payla\u015fma veya \u00f6deme yapma isteklerini yerine getirmeye kolayca ikna eder. \u00d6rne\u011fin, sald\u0131rganlar, yeni bir hesaba ayl\u0131k fatura \u00f6deme transferleri almak i\u00e7in \u015firket ortaklar\u0131n\u0131n kimli\u011fine b\u00fcr\u00fcnebilir. B\u00f6yle bir senaryoda, hedeflenen finans departman\u0131 personeli talebi sorgulamayabilir ve gerekli tutar\u0131 aktararak faturay\u0131 i\u015fleme alabilir.<\/p>\n\n\n\n

Business Email Compromise (BEC) Neden \u0130\u015fletmeler \u0130\u00e7in Bir Sorundur?<\/h2>\n\n\n\n
\"Business<\/figure><\/div>\n\n\n\n

Sosyal m\u00fchendislik teknikleriyle desteklenen BEC sald\u0131r\u0131lar\u0131n\u0131n y\u00fcr\u00fct\u00fclmesi kolayd\u0131r, minimum ara\u00e7 gerektirir ve bilgisayar korsanlar\u0131 aras\u0131nda olduk\u00e7a pop\u00fclerdir. <\/p>\n\n\n\n

BEC doland\u0131r\u0131c\u0131l\u0131klar\u0131, genellikle kurbanlar\u0131n g\u00fcvenini kazand\u0131ktan sonra yap\u0131lan kimlik av\u0131 ve sosyal m\u00fchendislik tekniklerine dayal\u0131 karma\u015f\u0131k sald\u0131r\u0131lard\u0131r. \u00c7o\u011fu geleneksel g\u00fcvenlik \u00f6nlemi \u00f6ncelikle teknik tehditlere odakland\u0131\u011f\u0131ndan, i\u015fletmelerin BEC sald\u0131r\u0131lar\u0131yla m\u00fccadele etmesi zordur. Ayr\u0131ca, \u015firket genelinde farkl\u0131 kullan\u0131c\u0131lar\u0131 hedefleyen farkl\u0131 BEC sald\u0131r\u0131lar\u0131 t\u00fcrleri de vard\u0131r ve bu da sorunu daha da zorla\u015ft\u0131r\u0131r.<\/p>\n\n\n\n

A\u015fa\u011f\u0131daki nedenler, BEC sald\u0131r\u0131lar\u0131n\u0131 end\u00fcstrilerdeki ticari i\u015fletmeler i\u00e7in bir zorluk haline getirir. \u0130\u015fletmelerin savunmas\u0131 gereken be\u015f ana BEC doland\u0131r\u0131c\u0131l\u0131\u011f\u0131 t\u00fcr\u00fc a\u015fa\u011f\u0131daki gibidir:<\/p>\n\n\n\n

1. Fatura \u00d6deme<\/h3>\n\n\n\n

Sald\u0131rganlar, ele ge\u00e7irilmi\u015f e-posta hesab\u0131ndan g\u00f6nderenin kimli\u011fine b\u00fcr\u00fcnerek belirli bir hesaba fatura \u00f6demeleri i\u00e7in para transferi talep eden bir e-posta g\u00f6nderir.<\/p>\n\n\n\n

2. CEO Sahtekarl\u0131\u011f\u0131<\/h3>\n\n\n\n

Sald\u0131rganlar, finans departman\u0131ndaki \u00e7al\u0131\u015fanlara e-posta g\u00f6ndermek ve sahte bir hesaba acil para transferi talep etmek i\u00e7in CEO’nun veya di\u011fer \u00fcst d\u00fczey y\u00f6neticinin e-posta hesab\u0131n\u0131 taklit eder.<\/p>\n\n\n\n

3. Hackleme<\/h3>\n\n\n\n

Sald\u0131rganlar, hedeflenen \u00e7al\u0131\u015fan\u0131n ortaklar, tedarik\u00e7iler ve sat\u0131c\u0131lardan olu\u015fan ileti\u015fim listesini \u00e7\u0131karmak i\u00e7in bir \u00e7al\u0131\u015fan\u0131n e-posta hesab\u0131n\u0131 hackler. Ard\u0131ndan, sald\u0131rganlar, sahte bir hesaba fatura \u00f6demesi talep eden e-posta’lar g\u00f6nderir.<\/p>\n\n\n\n

4. Avukat Kimli\u011fi<\/h3>\n\n\n\n

Bilgisayar korsanlar\u0131, \u015firketin m\u00fc\u015fterileri i\u00e7in \u00e7al\u0131\u015fan bir avukat\u0131 taklit ederek, \u015firket y\u00f6neticilerine acil para transferleri talep eden bir e-posta g\u00f6nderir.<\/p>\n\n\n\n

5. Veri H\u0131rs\u0131zl\u0131\u011f\u0131<\/h3>\n\n\n\n

Sald\u0131rganlar, ki\u015fisel verileri elde etmek i\u00e7in di\u011fer \u00e7al\u0131\u015fanlara e-posta g\u00f6ndermek i\u00e7in \u0130K veya idari \u00e7al\u0131\u015fanlar\u0131n e-posta hesaplar\u0131n\u0131 hedefler ve bu, i\u015fletmeye kar\u015f\u0131 daha karma\u015f\u0131k bir sald\u0131r\u0131 ba\u015flatmak i\u00e7in kullan\u0131l\u0131r.<\/p>\n\n\n\n

  • Son Derece Geli\u015fmi\u015f Teknikler Kullan\u0131l\u0131r:<\/strong> Sald\u0131rganlar, BEC sald\u0131r\u0131lar\u0131n\u0131 ba\u015flatmak i\u00e7in a\u015fa\u011f\u0131daki gibi olduk\u00e7a etkili teknikler kullan\u0131r:<\/li><\/ul>\n\n\n\n
    • Spear Phishing:<\/strong> G\u00fcvenilir bir g\u00f6ndericiden gelen me\u015fru istekler olarak sunulan sahte ve yan\u0131lt\u0131c\u0131 e-posta\u2019lar, e-posta al\u0131c\u0131lar\u0131n\u0131 gizli bilgileri sald\u0131rganlara a\u00e7\u0131klamaya ikna eder.<\/li><\/ul>\n\n\n\n
      • Sahte E-posta Hesaplar\u0131 ve URL’ler:<\/strong> Ger\u00e7ek e-posta adreslerinde veya web sitesi alan adlar\u0131ndaki k\u00fc\u00e7\u00fck de\u011fi\u015fikliklerle, sald\u0131rganlar kurbanlar\u0131 hileli hesaplar\u0131 ger\u00e7ek olarak kabul etmeleri i\u00e7in kand\u0131rmay\u0131 ba\u015far\u0131r.<\/li><\/ul>\n\n\n\n
        • K\u00f6t\u00fc Ama\u00e7l\u0131 Yaz\u0131l\u0131m:<\/strong> Sald\u0131rganlar, \u015firketin dahili verilerine ve sistemlerine eri\u015ferek a\u011flar\u0131na girmek i\u00e7in k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m kullan\u0131r. K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m yoluyla al\u0131nan bilgiler, para transferi talep ederken \u015f\u00fcphe uyand\u0131rmaktan ka\u00e7\u0131nmak i\u00e7in tan\u0131d\u0131k e-posta adreslerinden g\u00f6nderilir ve ma\u011fdurlar bu \u015fekilde manip\u00fcle edilir.<\/li><\/ul>\n\n\n\n
          • BEC’nin Ciddi \u0130\u015f Etkileriyle Sonu\u00e7lanmas\u0131:<\/strong> Potansiyel veri h\u0131rs\u0131zl\u0131\u011f\u0131na ek olarak, BEC sald\u0131r\u0131lar\u0131 i\u015fletmeler i\u00e7in b\u00fcy\u00fck bir ekonomik tehdide neden olur. Hassas \u015firket verilerine eri\u015fimi olan sald\u0131rganlar genellikle hesaplar\u0131na \u00f6deme ve para transferi talep eder. Ayr\u0131ca, sald\u0131rganlar \u015firketin tedarik\u00e7ileri, m\u00fc\u015fterileri veya ortaklar\u0131 hakk\u0131ndaki verileri ele ge\u00e7irirse, \u015firket itibar\u0131n\u0131 ve marka de\u011ferini kaybedebilir.<\/li><\/ul>\n\n\n\n

            BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Engellenir?<\/h2>\n\n\n\n

            Business email compromise (BEC) <\/strong>veya e-posta hesab\u0131 g\u00fcvenli\u011fi sald\u0131r\u0131lar\u0131, teknik g\u00fcvenlik a\u00e7\u0131klar\u0131ndan \u00e7ok insanlara odaklan\u0131r. Bu nedenle, her t\u00fcrl\u00fc BEC sald\u0131r\u0131s\u0131n\u0131 i\u015f i\u00e7in bir g\u00fc\u00e7l\u00fck haline gelmeden \u00f6nce proaktif olarak \u00f6nlemek i\u00e7in kullan\u0131c\u0131 merkezli bir savunmay\u0131 stratejik olarak planlamak zorunludur. <\/p>\n\n\n\n

            BEC doland\u0131r\u0131c\u0131l\u0131\u011f\u0131n\u0131 \u00f6nlemeye yard\u0131mc\u0131 olacak baz\u0131 temel ipu\u00e7lar\u0131n\u0131 a\u015fa\u011f\u0131da bulabilirsiniz:<\/p>\n\n\n\n

            • \u00c7al\u0131\u015fanlar aras\u0131nda farkl\u0131 BEC sald\u0131r\u0131lar\u0131 hakk\u0131nda fark\u0131ndal\u0131k yarat\u0131n. BEC riskini daha h\u0131zl\u0131 anlamak ve tespit etmek i\u00e7in a\u00e7\u0131k kaynakl\u0131 kimlik av\u0131 sim\u00fclasyon ara\u00e7lar\u0131n\u0131 kullanmak i\u00e7in e\u011fitim sa\u011flay\u0131n.<\/li>
            • \u0130\u015fletmeyi g\u00fcvende tutmak i\u00e7in \u00f6zel bir siber g\u00fcvenlik ekibi olu\u015fturun.<\/li>
            • Daha iyi e\u011fitim, \u00f6\u011fretim ve siber g\u00fcvenlik davran\u0131\u015f\u0131nda olumlu de\u011fi\u015fiklik sa\u011flamak i\u00e7in \u00e7al\u0131\u015fanlar\u0131 BEC fark\u0131ndal\u0131\u011f\u0131 a\u00e7\u0131s\u0131ndan d\u00fczenli olarak izleyin. Kullan\u0131c\u0131lara BEC ile ili\u015fkili riskleri s\u00fcrekli olarak hat\u0131rlat\u0131n.<\/li>
            • Ki\u015fisel cihazlar\u0131n kullan\u0131m\u0131n\u0131 ve \u015firket a\u011f\u0131n\u0131n \u00f6tesinde bilgi payla\u015f\u0131m\u0131n\u0131 kontrol etmek i\u00e7in a\u011f eri\u015fim kurallar\u0131n\u0131 tan\u0131mlay\u0131n.<\/li>
            • G\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 kontrol etmek i\u00e7in gerekli k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m korumas\u0131 ve istenmeyen e-posta \u00f6nleme yaz\u0131l\u0131m\u0131 y\u00fckleyin.<\/li>
            • \u0130\u015fletim sistemlerini, a\u011flar\u0131, uygulamalar\u0131 ve di\u011fer dahili yaz\u0131l\u0131m sistemlerini g\u00fcncel ve g\u00fcvenli tutun.<\/li>
            • Savunma mekanizmas\u0131n\u0131 g\u00fc\u00e7lendirmek i\u00e7in e-posta hesaplar\u0131 i\u00e7in iki fakt\u00f6rl\u00fc veya \u00e7ok fakt\u00f6rl\u00fc kimlik do\u011frulama ayarlay\u0131n.<\/li>
            • Siber g\u00fcvenlik bilinci e\u011fitimi ve deste\u011fini genel kurumsal k\u00fclt\u00fcr\u00fcn bir par\u00e7as\u0131 haline getirin.<\/li>
            • Sald\u0131rganlar\u0131n parolalar\u0131 veya g\u00fcvenlik sorular\u0131n\u0131n yan\u0131tlar\u0131n\u0131 tahmin ederek i\u015f e-posta hesaplar\u0131na girmek i\u00e7in kullanabilece\u011fi bilgileri \u00e7evrimi\u00e7i olarak veya sosyal medyada payla\u015f\u0131rken dikkatli olun.<\/li>
            • Hesap bilgilerini g\u00fcncellemek veya do\u011frulamak isteyen istenmeyen e-posta\u2019lardaki ba\u011flant\u0131lara t\u0131klamaktan ka\u00e7\u0131n\u0131n.<\/li>
            • Bilinmeyen veya \u015f\u00fcpheli g\u00f6ndericilerden gelen e-posta eklerini asla a\u00e7may\u0131n veya indirmeyin.<\/li>
            • Doland\u0131r\u0131c\u0131lar\u0131n benzer alan adlar\u0131ndan gereksiz yere yararlanmas\u0131n\u0131 \u00f6nlemek i\u00e7in e-posta adreslerinin yaz\u0131m\u0131n\u0131 \u00f6zenle kontrol edin.<\/li><\/ul>\n\n\n\n

              BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Durdurulur?<\/h2>\n\n\n\n
              \"BEC<\/figure><\/div>\n\n\n\n

              Business email compromise (BEC)<\/strong> sald\u0131r\u0131lar\u0131n\u0131 durdurmak zor olsa da, sald\u0131r\u0131 riskini azaltmak i\u00e7in \u00e7ok katmanl\u0131 sa\u011flam bir g\u00fcvenlik yakla\u015f\u0131m\u0131 ve kapsaml\u0131 \u00e7al\u0131\u015fan e\u011fitimi sa\u011flanmas\u0131 tavsiye edilir. \u0130\u015fletmeler, ticari e-posta g\u00fcvenli\u011finin ihlal edilmesini durdurmak i\u00e7in a\u015fa\u011f\u0131daki \u00f6nlemleri almal\u0131d\u0131r.<\/p>\n\n\n\n

              1. Sald\u0131r\u0131 G\u00f6r\u00fcn\u00fcrl\u00fc\u011f\u00fc Edinin<\/h3>\n\n\n\n

              BEC risklerini etkin bir \u015fekilde azaltmak i\u00e7in i\u015fletmelerin net bir sald\u0131r\u0131 g\u00f6r\u00fcn\u00fcrl\u00fc\u011f\u00fc elde etmesi gerekir. Bu, potansiyel BEC tehditlerini, en savunmas\u0131z \u00e7al\u0131\u015fanlar\u0131 ve sorun giderme s\u00fcrecini anlamada yard\u0131mc\u0131 olur. BEC doland\u0131r\u0131c\u0131l\u0131klar\u0131na kar\u015f\u0131 korunmak i\u00e7in do\u011fru yaz\u0131l\u0131m, bir i\u015fletmede hedeflenen \u00e7al\u0131\u015fanlar\u0131 ve s\u00fcrmekte olan sald\u0131r\u0131 t\u00fcrlerini h\u0131zl\u0131 bir \u015fekilde belirlemek i\u00e7in eksiksiz bir g\u00f6r\u00fcn\u00fcrl\u00fck sunar. Ayr\u0131ca, \u00e7e\u015fitli BEC sald\u0131r\u0131 t\u00fcrleri i\u00e7in savunmas\u0131z kullan\u0131c\u0131lar\u0131 tespit etmeye ve k\u00f6t\u00fc niyetli alan ad\u0131 benzerliklerini izlemeye yard\u0131mc\u0131 olur. Ayr\u0131ca i\u015fletmeler, veri ihlallerini \u00f6nlemek ve tehdit azaltmaya \u00f6ncelik vermek i\u00e7in alanlar\u0131n\u0131 kullanarak ilgili payda\u015flara g\u00f6nderilen e-posta’lara ili\u015fkin ayr\u0131nt\u0131l\u0131 g\u00f6r\u00fcn\u00fcrl\u00fck elde etmelidir.<\/p>\n\n\n\n

              2. E-posta Koruma Kontrolleri Sa\u011flay\u0131n<\/h3>\n\n\n\n

              Korumay\u0131 iyile\u015ftirmek i\u00e7in mevcut kurumsal prosed\u00fcrleri ve politikalar\u0131 g\u00f6zden ge\u00e7irmeye ve gerekli kontrolleri eklemeye devam etmek \u00e7ok \u00f6nemlidir. \u0130\u015fletmelerin uygulad\u0131\u011f\u0131 \u00e7e\u015fitli kontroller a\u015fa\u011f\u0131dakileri i\u00e7ermelidir:<\/p>\n\n\n\n

              • \u0130ki Fakt\u00f6rl\u00fc Kimlik Do\u011frulama:<\/strong> \u0130ki fakt\u00f6rl\u00fc kimlik do\u011frulama ile e-posta hesaplar\u0131nda g\u00fcvenli bir \u015fekilde oturum a\u00e7mak, e-posta hesab\u0131n\u0131n tehlikeye girmesine yol a\u00e7an doland\u0131r\u0131c\u0131l\u0131k olas\u0131l\u0131\u011f\u0131n\u0131 en aza indirir.<\/li>
              • S\u0131k\u0131 Muhasebe Kontrolleri: <\/strong>\u015eirketlerin \u00f6deme taleplerinin ve onaylar\u0131n\u0131n me\u015fruiyetini etkin bir \u015fekilde do\u011frulamak i\u00e7in daha kat\u0131 ve daha resmi muhasebe kontrolleri kullanmas\u0131 \u00f6nerilir.<\/li>
              • Kimlik Tabanl\u0131 Kimlik Av\u0131 \u00d6nleme Kontrolleri: <\/strong>Sald\u0131rganlar daha karma\u015f\u0131k sald\u0131r\u0131lar ba\u015flatmay\u0131 planlarken, i\u015fletmelerin ak\u0131ll\u0131 kimlik tabanl\u0131 kimlik av\u0131 savunmalar\u0131 geli\u015ftirmesi gerekir. Bu t\u00fcr modern kontroller, her t\u00fcrl\u00fc BEC riskinin belirlenmesine yard\u0131mc\u0131 olur.<\/li>
              • DMARC Tabanl\u0131 Koruma:<\/strong> \u0130\u015fletmeler, alan ad\u0131 tabanl\u0131 \u0130leti Kimlik Do\u011frulamas\u0131, Raporlama ve Uygunluk (DMARC) da\u011f\u0131tarak alan adlar\u0131n\u0131 \u00e7al\u0131\u015fanlar, i\u015f ortaklar\u0131 ve m\u00fc\u015fteriler gibi payda\u015flar\u0131na sald\u0131rmak isteyenlere kar\u015f\u0131 korumal\u0131d\u0131r.<\/li><\/ul>\n\n\n\n

                3. Kullan\u0131c\u0131 Fark\u0131ndal\u0131\u011f\u0131 ve E\u011fitimi Verin<\/h3>\n\n\n\n

                \u0130\u015fletmeler, \u00e7al\u0131\u015fanlar\u0131n\u0131, k\u00f6t\u00fc niyetli e-posta ve kimlik av\u0131 sald\u0131r\u0131lar\u0131n\u0131 nas\u0131l belirleyece\u011fi ve bunlar\u0131 raporlamak i\u00e7in gereken eylem plan\u0131 hakk\u0131nda e\u011fitmelidir. Habersiz kullan\u0131c\u0131lar, ald\u0131klar\u0131 e-posta\u2019lara g\u00fcvenme e\u011filimindedir ve bu t\u00fcr k\u00f6t\u00fc niyetli e-posta’lar\u0131n tuza\u011f\u0131na d\u00fc\u015febilirler. Kapsaml\u0131 e\u011fitim ve fark\u0131ndal\u0131k kampanyalar\u0131, kullan\u0131c\u0131lar\u0131 gerekli bilgi ve anlay\u0131\u015fla tetikte kalmalar\u0131 ve BEC sorunlar\u0131n\u0131 BT departman\u0131na bildirmeleri i\u00e7in g\u00fc\u00e7lendirerek, bir i\u015fletmenin kurumsal e-posta g\u00fcvenli\u011fi ihlal sald\u0131r\u0131lar\u0131na kar\u015f\u0131 savunmas\u0131n\u0131 geli\u015ftirir. D\u00fczenli e\u011fitim ve bilin\u00e7lendirme kampanyalar\u0131, BT ekiplerinin geli\u015fen BEC risklerine kar\u015f\u0131 g\u00fcncel kalmas\u0131 i\u00e7in olduk\u00e7a \u00f6nemlidir.<\/p>\n","protected":false},"excerpt":{"rendered":"

                Business email compromise (BEC) yani i\u015f e-posta g\u00fcvenli\u011fi, karma\u015f\u0131k bir siber su\u00e7tur. Bilgisayar korsanlar\u0131, me\u015fru g\u00f6r\u00fcnerek g\u00fcvenli\u011fi ihlal edilmi\u015f e-posta hesaplar\u0131ndan yararlan\u0131r ve e-posta al\u0131c\u0131lar\u0131n\u0131n kredi kart\u0131 ayr\u0131nt\u0131lar\u0131n\u0131, ticari s\u0131rlar\u0131n\u0131, hassas verilerini veya bilgilerini payla\u015fmas\u0131na veya para g\u00f6ndermelerine ikna i\u00e7in \u00e7al\u0131\u015f\u0131r. BEC doland\u0131r\u0131c\u0131l\u0131klar\u0131, veri h\u0131rs\u0131zl\u0131\u011f\u0131, olas\u0131 finansal kay\u0131plar ve zarar g\u00f6rm\u00fc\u015f marka imaj\u0131 gibi zorluklar […]<\/p>\n","protected":false},"author":2,"featured_media":2041,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[70,87,86,1],"tags":[],"class_list":["post-2040","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-dijital-pazarlama","category-e-mail-e-posta","category-guvenlik","category-nedir-nasil-yapilir"],"yoast_head":"\nBusiness Email Compromise (BEC) Nedir? BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Engellenir? - Uzman Posta<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/uzmanposta.com\/blog\/bec\/\" \/>\n<meta property=\"og:locale\" content=\"tr_TR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Business Email Compromise (BEC) Nedir? BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Engellenir? - Uzman Posta\" \/>\n<meta property=\"og:description\" content=\"Business email compromise (BEC) yani i\u015f e-posta g\u00fcvenli\u011fi, karma\u015f\u0131k bir siber su\u00e7tur. Bilgisayar korsanlar\u0131, me\u015fru g\u00f6r\u00fcnerek g\u00fcvenli\u011fi ihlal edilmi\u015f e-posta hesaplar\u0131ndan yararlan\u0131r ve e-posta al\u0131c\u0131lar\u0131n\u0131n kredi kart\u0131 ayr\u0131nt\u0131lar\u0131n\u0131, ticari s\u0131rlar\u0131n\u0131, hassas verilerini veya bilgilerini payla\u015fmas\u0131na veya para g\u00f6ndermelerine ikna i\u00e7in \u00e7al\u0131\u015f\u0131r. BEC doland\u0131r\u0131c\u0131l\u0131klar\u0131, veri h\u0131rs\u0131zl\u0131\u011f\u0131, olas\u0131 finansal kay\u0131plar ve zarar g\u00f6rm\u00fc\u015f marka imaj\u0131 gibi zorluklar […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/uzmanposta.com\/blog\/bec\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/uzmanposta\/\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-26T15:24:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-04T08:44:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/uzmanposta.com\/blog\/wp-content\/uploads\/2022\/01\/business-email-compromise-bec-nedir-bec-saldirilari-nasil-engellenir.png\" \/>\n\t<meta property=\"og:image:width\" content=\"750\" \/>\n\t<meta property=\"og:image:height\" content=\"375\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Sibel Ho\u015f\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@uZmanPosta\" \/>\n<meta name=\"twitter:site\" content=\"@uZmanPosta\" \/>\n<meta name=\"twitter:label1\" content=\"Yazan:\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sibel Ho\u015f\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tahmini okuma s\u00fcresi\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 dakika\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Business Email Compromise (BEC) Nedir? BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Engellenir? - Uzman Posta","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/uzmanposta.com\/blog\/bec\/","og_locale":"tr_TR","og_type":"article","og_title":"Business Email Compromise (BEC) Nedir? BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Engellenir? - Uzman Posta","og_description":"Business email compromise (BEC) yani i\u015f e-posta g\u00fcvenli\u011fi, karma\u015f\u0131k bir siber su\u00e7tur. Bilgisayar korsanlar\u0131, me\u015fru g\u00f6r\u00fcnerek g\u00fcvenli\u011fi ihlal edilmi\u015f e-posta hesaplar\u0131ndan yararlan\u0131r ve e-posta al\u0131c\u0131lar\u0131n\u0131n kredi kart\u0131 ayr\u0131nt\u0131lar\u0131n\u0131, ticari s\u0131rlar\u0131n\u0131, hassas verilerini veya bilgilerini payla\u015fmas\u0131na veya para g\u00f6ndermelerine ikna i\u00e7in \u00e7al\u0131\u015f\u0131r. BEC doland\u0131r\u0131c\u0131l\u0131klar\u0131, veri h\u0131rs\u0131zl\u0131\u011f\u0131, olas\u0131 finansal kay\u0131plar ve zarar g\u00f6rm\u00fc\u015f marka imaj\u0131 gibi zorluklar […]","og_url":"https:\/\/uzmanposta.com\/blog\/bec\/","og_site_name":"Blog","article_publisher":"https:\/\/www.facebook.com\/uzmanposta\/","article_published_time":"2022-01-26T15:24:17+00:00","article_modified_time":"2023-03-04T08:44:42+00:00","og_image":[{"width":750,"height":375,"url":"https:\/\/uzmanposta.com\/blog\/wp-content\/uploads\/2022\/01\/business-email-compromise-bec-nedir-bec-saldirilari-nasil-engellenir.png","type":"image\/png"}],"author":"Sibel Ho\u015f","twitter_card":"summary_large_image","twitter_creator":"@uZmanPosta","twitter_site":"@uZmanPosta","twitter_misc":{"Yazan:":"Sibel Ho\u015f","Tahmini okuma s\u00fcresi":"10 dakika"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/uzmanposta.com\/blog\/bec\/#article","isPartOf":{"@id":"https:\/\/uzmanposta.com\/blog\/bec\/"},"author":{"name":"Sibel Ho\u015f","@id":"https:\/\/uzmanposta.com\/blog\/#\/schema\/person\/ac85212a35ebcaaf56c92a7e051813d6"},"headline":"Business Email Compromise (BEC) Nedir? BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Engellenir?","datePublished":"2022-01-26T15:24:17+00:00","dateModified":"2023-03-04T08:44:42+00:00","mainEntityOfPage":{"@id":"https:\/\/uzmanposta.com\/blog\/bec\/"},"wordCount":2404,"publisher":{"@id":"https:\/\/uzmanposta.com\/blog\/#organization"},"image":{"@id":"https:\/\/uzmanposta.com\/blog\/bec\/#primaryimage"},"thumbnailUrl":"https:\/\/uzmanposta.com\/blog\/wp-content\/uploads\/2022\/01\/business-email-compromise-bec-nedir-bec-saldirilari-nasil-engellenir.png","articleSection":["Dijital Pazarlama","E-mail & E-posta","G\u00fcvenlik","Nedir? Nas\u0131l Yap\u0131l\u0131r?"],"inLanguage":"tr"},{"@type":"WebPage","@id":"https:\/\/uzmanposta.com\/blog\/bec\/","url":"https:\/\/uzmanposta.com\/blog\/bec\/","name":"Business Email Compromise (BEC) Nedir? BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Engellenir? - Uzman Posta","isPartOf":{"@id":"https:\/\/uzmanposta.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/uzmanposta.com\/blog\/bec\/#primaryimage"},"image":{"@id":"https:\/\/uzmanposta.com\/blog\/bec\/#primaryimage"},"thumbnailUrl":"https:\/\/uzmanposta.com\/blog\/wp-content\/uploads\/2022\/01\/business-email-compromise-bec-nedir-bec-saldirilari-nasil-engellenir.png","datePublished":"2022-01-26T15:24:17+00:00","dateModified":"2023-03-04T08:44:42+00:00","breadcrumb":{"@id":"https:\/\/uzmanposta.com\/blog\/bec\/#breadcrumb"},"inLanguage":"tr","potentialAction":[{"@type":"ReadAction","target":["https:\/\/uzmanposta.com\/blog\/bec\/"]}]},{"@type":"ImageObject","inLanguage":"tr","@id":"https:\/\/uzmanposta.com\/blog\/bec\/#primaryimage","url":"https:\/\/uzmanposta.com\/blog\/wp-content\/uploads\/2022\/01\/business-email-compromise-bec-nedir-bec-saldirilari-nasil-engellenir.png","contentUrl":"https:\/\/uzmanposta.com\/blog\/wp-content\/uploads\/2022\/01\/business-email-compromise-bec-nedir-bec-saldirilari-nasil-engellenir.png","width":750,"height":375,"caption":"Business Email Compromise (BEC) Nedir? BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Engellenir?"},{"@type":"BreadcrumbList","@id":"https:\/\/uzmanposta.com\/blog\/bec\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/uzmanposta.com\/blog\/"},{"@type":"ListItem","position":2,"name":"G\u00fcvenlik","item":"https:\/\/uzmanposta.com\/blog\/guvenlik\/"},{"@type":"ListItem","position":3,"name":"Business Email Compromise (BEC) Nedir? BEC Sald\u0131r\u0131lar\u0131 Nas\u0131l Engellenir?"}]},{"@type":"WebSite","@id":"https:\/\/uzmanposta.com\/blog\/#website","url":"https:\/\/uzmanposta.com\/blog\/","name":"Blog","description":"","publisher":{"@id":"https:\/\/uzmanposta.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/uzmanposta.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"tr"},{"@type":"Organization","@id":"https:\/\/uzmanposta.com\/blog\/#organization","name":"Uzman Posta","url":"https:\/\/uzmanposta.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"tr","@id":"https:\/\/uzmanposta.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/uzmanposta.com\/blog\/wp-content\/uploads\/2020\/05\/logo.png","contentUrl":"https:\/\/uzmanposta.com\/blog\/wp-content\/uploads\/2020\/05\/logo.png","width":131,"height":60,"caption":"Uzman Posta"},"image":{"@id":"https:\/\/uzmanposta.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/uzmanposta\/","https:\/\/x.com\/uZmanPosta","https:\/\/www.instagram.com\/uzmanposta\/","https:\/\/www.linkedin.com\/company\/uzmanposta\/","https:\/\/www.youtube.com\/channel\/UCk2n1vp1YJ0n3XaDRWBi88Q"]},{"@type":"Person","@id":"https:\/\/uzmanposta.com\/blog\/#\/schema\/person\/ac85212a35ebcaaf56c92a7e051813d6","name":"Sibel Ho\u015f","image":{"@type":"ImageObject","inLanguage":"tr","@id":"https:\/\/secure.gravatar.com\/avatar\/f925f03d20ff0803ddb37c96d39d3793c085014ce56421050f24823c23db1c2a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f925f03d20ff0803ddb37c96d39d3793c085014ce56421050f24823c23db1c2a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f925f03d20ff0803ddb37c96d39d3793c085014ce56421050f24823c23db1c2a?s=96&d=mm&r=g","caption":"Sibel Ho\u015f"},"sameAs":["https:\/\/sibelhos.com\/","https:\/\/www.instagram.com\/bismoothie\/","https:\/\/www.linkedin.com\/in\/sibelhos\/"]}]}},"_links":{"self":[{"href":"https:\/\/uzmanposta.com\/blog\/wp-json\/wp\/v2\/posts\/2040","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/uzmanposta.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/uzmanposta.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/uzmanposta.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/uzmanposta.com\/blog\/wp-json\/wp\/v2\/comments?post=2040"}],"version-history":[{"count":0,"href":"https:\/\/uzmanposta.com\/blog\/wp-json\/wp\/v2\/posts\/2040\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/uzmanposta.com\/blog\/wp-json\/wp\/v2\/media\/2041"}],"wp:attachment":[{"href":"https:\/\/uzmanposta.com\/blog\/wp-json\/wp\/v2\/media?parent=2040"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/uzmanposta.com\/blog\/wp-json\/wp\/v2\/categories?post=2040"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/uzmanposta.com\/blog\/wp-json\/wp\/v2\/tags?post=2040"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}