Categories: CyberCrimeSecurity

Businesses Lose $215m to BEC Email Scam – So How Do You Protect Yourself?

Federal investigators say that in the last 14 months alone, cyber thieves have stolen nearly $215 million from businesses through the “business email compromise” swindle, known more pithily as BEC.

BEC starts by hacking the accounts of business executives and employees that work with foreign suppliers or who regularly make wire transfer payments.

Wide-scale losses

According to data from the Internet Crime Complaint Center published on the Krebs On Security blog, so far there have been 1198 victims of BEC in the US and 928 victims outside it, racking up a grand total of $214,972,503.30 lost.

Already the FBI says it has seen a variety of versions of BEC. Whether the scam is carried out by email or telephone, however, usually the thieves take advantage of a close relationship in the company – for example a CEO to the finance department, or an employee to a supplier.

The scam then sends an email or phone call to an employee with access to company funds asking them to wire money for an invoice payment into a fraudulent account. The attack is normally well-researched and convincing.

So what can you do to protect yourself? Kevin Epstein, VP of Advanced Security and Governance of Proofpoint told TechWeekEurope that “For protection organisations must invest in a cloud-based advanced threat solution. Legacy email gateways won’t detect these threats – the emails contain no malware. ”

“Similarly, ‘sandboxes’ will miss these attacks, as there’s no binary to detect. Only modern protection systems, systems that use ‘big data’ analysis to find anomalies between standard email patterns from trusted sources and deviations in those patterns, based on content (a science known as ‘anomalytics’) will be able to find the needle in the haystack that these emails represent.”

Want to keep up-to-date with all the latest mobile news? Sign up for our free newsletter!

Alysia Judge

Recent Posts

Nokia CEO Predicts 2030 Arrival For 6G, But Not On Smartphone

Nokia CEO Pekka Lundmark offers his predictions as to arrival of 6G connectivity in this…

3 hours ago

Mark Zuckerberg Sued By DC AG Over Cambridge Analytica Scandal

Four years later, and Washington DC Attorney General decides to sue Mark Zuckerberg personally over…

4 hours ago

Silicon UK In Focus Podcast: The Future of SaaS

How has Saas become an essential component of a successful business? The importance of a…

9 hours ago

Running to the Cloud: Why Enterprise Companies Need a Cloud-based Payroll

As businesses re-examine how they operate in a post-pandemic world, it is increasingly evident that…

9 hours ago