22 Nov Business Email Compromise Scam
November 18, 2019
On November 18th NPR’s, All Things Considered reported on a rapidly growing scam targeting businesses called Business Email Compromise (BEC). The statistics are staggering. The FBI estimates that in 2016 $316 million was stolen by way of a BEC scam, $676 million in 2017 and $1.2 billion in 2018. These figures only account for the BEC’s thefts reported to the FBI. However, it is likely that many successful scams went unreported often because the businesses and individual victims are embarrassed that they were duped.
This is a highly sophisticated scam that starts with email security intrusion or hacking into the corporate email systems. When in, the cyber-criminal targets specific individuals within the business who they observe are exercising authority to negotiate with vendors, customers and partners and initiate payments. Once this is accomplished, the criminal monitors email traffic for an opportunity to impersonate someone who would be trusted when requesting a wire payment.
To prevent our Managed Service customers from becoming a victim of a Business Email Compromise, we pro-actively monitor and ensure our customers’ Network, and Email Security Systems are always current with regards to security-related updates and patches. However, ultimately, for this scam to work, an employee must believe she’s dealing with a known entity and even a familiar individual she trusts.
To address the “human” element on the victim’s side, we can review current systems and procedures for “areas” open to a successful intrusion. Included with this review is onsite employee cyber security education designed to raise general cyber awareness, how to spot phishing emails, unsafe web and ads.
If you have security concerns, or feel it is time to learn more about the benefits of a proactive IT partner working to protect your business, we would love to hear from you. For more information, please call 440.239.8426 or email info@lsgtech.com.
Source: NPR
No Comments