Security News > 2021 > February > Introducing DAIC: A Suggested System for Preventing BEC Fraud
The suggested solution is a standard which enables organizations to quickly and securely validate the bank account information of companies before they send payments, while also enabling anti-fraud vendors to collect much needed threat intelligence on on-going scam campaigns.
DAIC uses tried-and-tested methods used in other security standards, such as DMARC. Each company adds to their DNS records a record indicating the DAIC server of their choice.
It then looks for a DAIC DNS record of the provided domain in order to extract the location of the DAIC server.
Limitations of DAIC. DAIC isn't an infallible system.
Despite some limitations, implementing DAIC still raises the bar of the technical level necessary to pull off a successful BEC fraud, taking many of the unsophisticated fraudsters who are currently performing these scams out of the game, dramatically reducing the overall losses experienced by BEC fraud worldwide.
DAIC is still in its infancy, the product of a thought experiment in how to prevent BEC fraud.