中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/94911
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41631883      Online Users : 3642
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/94911


    Title: 商業電子郵件詐騙(BEC)對於企業安全威脅之因應措施探討;Discussion on Countermeasures for the Threat of Business Email Compromise (BEC) to Corporate Security
    Authors: 張世蕾;Chang, Shih-Lei
    Contributors: 企業管理學系在職專班
    Keywords: 根本原因分析法;商業電子郵件詐騙;Root Cause Analysis;Business Email Compromise;5W1H
    Date: 2024-08-20
    Issue Date: 2024-10-09 15:36:43 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 商務電子郵件詐騙(Business Email Compromise,簡稱BEC)是近年來常見之網路詐騙攻擊手段,由於金融貿(交)易公司對科技依賴性日益趨增,攻擊者利用國際間商業往來合作雙方之互信原則,以電子郵件、即時通訊軟體等工具,再利用跨國時間及距離之差異、組織內部流程之漏洞,以及人員疏忽等途徑,進而從中攻擊並謀取暴利,造成企業以及社會經濟之嚴重損失,受害之企業人數及金額為數甚多,儼然已成為全球企業刻不容緩,極需面對之問題。本文透過蒐集近十年BEC詐騙實例資料,對於受騙個案進行根本原因分析,並提出改善建議。
    本研究以受害公司遭詐騙情形為例,對事件發生之根因採5W1H之方式作為根本原因分析工具加以研析,結果顯示,企業遭受商務電子郵件詐騙,主因包括內部流程不完善、人員培訓不足及技術手段不夠先進等問題,致造成重大損失。本研究建議,可透過強化內部審批機制,增加多層次驗證程序,同時對於所有涉及財務、會計及研發的人員,應強化進行資安培訓,使其具備識別潛在詐騙的能力。同時,建議企業應與時俱進,部署更先進的垃圾郵件過濾系統、即時監控系統以及定期進行內外部安全稽核,以避免商務電子郵件詐騙。;Business Email Compromise (BEC) is a common method of cyber fraud in recent years. As financial trading companies increasingly rely on technology, attackers exploit the trust principle between international business partners. They use tools such as email and instant messaging software, taking advantage of time and distance differences across countries, organizational process loopholes, and personnel negligence to carry out attacks and gain huge profits. This results in severe losses for enterprises and the socio-economy, with a significant number of affected companies and financial losses. It has become an urgent global issue that enterprises must face and address. This article collects data on BEC fraud cases over the past decade, conducts a root cause analysis of the incidents, and proposes improvement suggestions.
    This study uses examples of companies that fell victim to fraud, employing the 5W1H method as a root cause analysis tool to analyze the incidents. It finds that the primary causes are incomplete process planning and a lack of security awareness among personnel. Based on these findings, improvement suggestions are proposed.
    Appears in Collections:[Executive Master of Business Administration] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML28View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明