Do You Know Who Sent the Email: Business Email Compromise

Business Email Compromise (BEC) scam, criminals send/target an email message that appears to come from a known source making a legitimate request. During the attack, cyber-criminals fool employees into executing unauthorized wire transfers or disclosing confidential information.

According to the recently released Anti-Phishing Working Group (APWG)’s Phishing Activity Trends Report [PDF]: Business email compromise (BEC) attacks is significantly on the rise.

Second quarter of 2020 the average was $80,000+, up from $54,000 in the first quarter for average wire-transfer loss.

Also, FBI’s annual report, BEC continues to be the biggest money-maker for cyber-criminals last year, accounting for over half of all losses to cybercrime. In 2019 scammers made almost $1.8 billion, over half the $3.5 billion total per FBI’s 2019 Internet Crime Report. Decent increase from 2018 . . . $1.3 billion and total of $2.7 billion. Check out FBI Business Email Compromise page.

BEC damages can include . . .

  • Money loss as fraud wire transfer
  • Reputation loss for the CEO/CFO and the organization
  • Termination of the CEO/CFO
  • Lawsuits against CEO/CFO and victim executives
  • Loss of customer trust

A Business Email Compromise Scheme IMPOSES a HIGHER RISK as well as DAMAGE to the organization at a HIGHER level.

Don’t let your company become the next victim, educate your employees. Your users need to watch for suspicious content and be kept up to date on the latest attack trends. It’s not a one and done deal . . .employees must have continual security training and aware of the latest potential attacks.

Time for Security Awareness Training . . . CIT can help. And don’t forget to check out CIT’s Phishing Series.

Corporate Information Technologies provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. Corporate Information Technologies can help organizations, quantify, create, refine, and mitigate the risks presented by business threatening disasters in whatever form they may be disguised. 

Don’t Gamble With Your Security  Contact us