The FBI has issued warnings to all businesses about the spread of BEC scams. One of the fastest growing hazards facing businesses today is business email compromise, or BEC scams. According to the FBI these scams have increased more than 270% since the beginning of last year. In their latest report, more than 7,000 businesses have lost more than $1.2 billion in the last 2 years. At Complete Network Support we can help mitigate your IT risk. We are at the forefront of IT risk management; monitoring, assessing and evaluating threats to your network regardless of the source.
While these scams may appear less impressive than sophisticated malware targeting banks and other large institutions; a BEC attack is in reality far more malicious. They are more versatile and can avoid the basic security steps taken by businesses and individuals. Instead of simply targeting your machines, a BEC scam targets your employees. According to the FBI, “The scam has been reported in all 50 states and in 79 countries. Fraudulent transfers have been reported going to 72 countries; however, the majority of the transfers are going to Asian banks located within China and Hong Kong.”
BEC scams are perpetrated in multiple stages. In the first stage, a traditional phishing scam is initiated. Once the criminal has access to an employee’s email, they monitor the account for days, weeks sometimes even months. During this time the cyber sleuth determines critical financial processes and practices used by your business. These criminals then ascertain whether or not wire transfers are used and which individuals make the requests for said wire transfers. Emails are probed for a multitude of keywords: invoice, deposit, president, CEO, CFO, accounting and funds are all examples of keywords used to verify transfers.
Once the reconnaissance stage is completed the second phase begins. This portion can present itself in two different ways. The first is known as a CEO Phishing Scam. The perpetrator(s) create a domain name that is nearly identical to the company’s and send an email that appears to be from the CEO or other high ranking executive from this address. This email and email address will appear legitimate. However, upon closer examination the email address of the sender will in fact be fraudulent. The email requests a specific wire transfer sparing no details. The targeted employee then, without hesitancy, does as instructed. At this point, company funds have been seized never to be seen again.
In the second version of this scam, the email of someone within the targeted company responsible for billing and invoicing is taken over and used to send out seemingly legitimate invoices instructing that payment be made by wire to a newly designated bank account. Again, only under scrutiny would anything be noticeably questionable within the fraudulent invoice. One of the most nefarious aspects of these scams is the unlikelihood of being caught in spam traps as these are targeted attacks and not mass emails. As these scams continue to grow and evolve it is important to be vigilant. The FBI has urged businesses to adopt the following processes:
At Complete Network Support it is our job to mitigate and eliminate threats to your business. We are your IT bureau ready for all phases of cybercriminal activity. Don’t go it alone, contact Complete Network Support.
In an ideal world, technology would be a consistent source of competitive advantage and benefit for small and midsized businesses. The reality is that many fail to realize that confidence.
Without the right resources and support, even a highly skilled technology team can become overwhelmed by the growing list of technology management duties. When important tasks get neglected, it creates ripple effects throughout an organization that damage productivity and efficiency.
The co-managed IT services model solves these problems by providing your existing IT team with all the support and resources they need to successfully plan, manage, and defend your network technology.
This guide covers:
Download it for free by filling out the form here.