Business Email Compromise 24 Jan 2017
We've blogged about this before, but instances of business email compromise (BEC) are increasing. The FBI is warning potential victims of a dramatic increase in the BEC scam, with a 270% increase in identified victims and exposed loss since January 2015. From October 2013 through February 2016, losses have exceeded USD 2.3 billion.
BEC scams work because they target specific employees of an organisation with email that appears to be from their CEO, asking for a wire transfer of funds to a nominated recipient. Criminals either compromise the CEO's email account through phishing, or they use a very similar domain to the targeted organisation to send the message from. Often, the fraud targets organisations that regularly perform wire transfer payments. The emails avoid being caught as spam because they are not mass-mailed and address specific individuals.
There are some actions you can take to combat this threat:
- Educate users, particularly those that handle payments, of the nature of the attack.
- Follow up email requests with a telephone call to verify their veracity.
- Implement appropriate checking of financial transactions.
- Implement Sender Policy Framework (SPF) to prevent attackers from impersonating your domain; and to help detect and block emails sent to your organisation that use forged domains.
- Don't click on links or open attachments in unsolicited emails.
- Keep desktop anti-malware up to date.
- Don't use your computer day-to-day with an administrator account.
« Back to all blog entries