Federal investigators say that in the last 14 months alone, cyber thieves have stolen nearly $215 million from businesses through the “business email compromise” swindle, known more pithily as BEC.
BEC starts by hacking the accounts of business executives and employees that work with foreign suppliers or who regularly make wire transfer payments.
According to data from the Internet Crime Complaint Center published on the Krebs On Security blog, so far there have been 1198 victims of BEC in the US and 928 victims outside it, racking up a grand total of $214,972,503.30 lost.
Already the FBI says it has seen a variety of versions of BEC. Whether the scam is carried out by email or telephone, however, usually the thieves take advantage of a close relationship in the company – for example a CEO to the finance department, or an employee to a supplier.
So what can you do to protect yourself? Kevin Epstein, VP of Advanced Security and Governance of Proofpoint told TechWeekEurope that “For protection organisations must invest in a cloud-based advanced threat solution. Legacy email gateways won’t detect these threats – the emails contain no malware. ”
“Similarly, ‘sandboxes’ will miss these attacks, as there’s no binary to detect. Only modern protection systems, systems that use ‘big data’ analysis to find anomalies between standard email patterns from trusted sources and deviations in those patterns, based on content (a science known as ‘anomalytics’) will be able to find the needle in the haystack that these emails represent.”
Want to keep up-to-date with all the latest mobile news? Sign up for our free newsletter!
Lightweight artificial intelligence model launched this week by Microsoft, offering more cost-effective option for Azure…
ByteDance protest falls on deaf ears, as Senate passes TikTok ban or divest bill, with…
US Commerce Secretary Gina Raimondo says Huawei's flagship smartphone chip 'years behind' US technology, shows…
Cloud companies, business user groups say Broadcom price changes do not address their concerns, as…
Dating app Grindr sued over claims it shared sensitive user data, including HIV status, with…
Meta Platforms opens operating system behind Quest virtual reality headsets to third parties amidst competition…