More than $3.9bn lost to BEC scams


By Dylan Bushell-Embling
Thursday, 14 July, 2016


Organisations worldwide have lost more than US$3 billion to business email compromise (BEC) scams, with more than 400 businesses hit with such scams daily, research from Symantec indicates.

BEC scams, also known as CEO fraud, involve scammers sending spoofed emails purportedly from CEOs or other high-ranking executives requesting large money transfers.

Such attacks require little technical expertise but can be very lucrative, which makes them attractive for cybercriminals. Symantec notes the example of Austria’s aerospace components maker FACC, which recently fired its CEO after losing US$50 million ($65.7 million) to such a scam.

Data from Symantec’s email security team indicates that SMEs are the most frequent targets of BEC scammers, accounting for 38% of attacks.

The next largest category is the financial sector, at 14%, followed by health care and technology (8% apiece), energy (7%), retail (5%), education (3%) and travel (2%). The remaining 15% of victims fall into the “other” category.

The data show that hundreds of organisations are receiving BEC scam emails every day. At each targeted organisation, at least two employees will typically be sent a BEC email, most commonly senior financial staff.

FBI statistics meanwhile indicate that there have been 22,000 victims of BEC fraud globally in the past three years, which together lost over US$3 billion ($3.94 billion) to the scams.

BEC emerged as an evolution of the well-known 419 scams originating from Nigeria, and as a result 46% of the email addresses used by scammers in the cases Symantec evaluated came from the country. One such group of scammers was responsible for 12% of BEC email traffic observed.

BEC scammers commonly use one- or two-word subject lines to avoid suspicion and to make the messages harder to filter. The most common subject line is “Request” (25%), followed by “Payment” (15%) and “Urgent” (10%), with most of the remainder being variations on these themes.

To protect against BEC scams, Symantec advises professionals to question any emails that seem unusual or do not follow normal procedures; to abstain from replying to any emails that seem suspicious, instead obtaining the sender’s address from the corporate address book and asking them about the message through that channel; and to use two-factor authentication for initiating wire transfers.
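The traits the article describes (an executive's name on a message that did not come from the corporate domain, a one- or two-word subject built on "Request", "Payment" or "Urgent", and a request to move money) can be turned into a simple triage check that also applies the advice above: do not reply, and confirm with the executive's address from the corporate address book instead. The following Python script is an added example written for this page, not Symantec's or the article's own code; the corporate domain, the executive list and the two sample messages are constructed for illustration.

```python
import email
from email import policy
from email.utils import parseaddr
from typing import List

# Constructed assumptions for this example: the organisation's mail domain and its
# executive address book. Neither value comes from the article.
CORPORATE_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com"}  # display name -> address-book entry

# Subject-line themes the article reports as most common in BEC mail.
BEC_SUBJECT_WORDS = {"request", "payment", "urgent"}


def bec_indicators(raw_message: str) -> List[str]:
    """Return the BEC indicators found in one RFC 5322 message (empty list if none)."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    indicators = []

    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = from_addr.rsplit("@", 1)[-1].lower() if "@" in from_addr else ""
    name_key = from_name.strip().lower()

    # An executive's display name on a message sent from outside the corporate domain.
    if name_key in EXECUTIVES and from_domain != CORPORATE_DOMAIN:
        indicators.append("executive display name from external domain")

    # A Reply-To that redirects answers away from the apparent sender.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.lower() != from_addr.lower():
        indicators.append("reply-to differs from from address")

    # A one- or two-word subject built on the common BEC themes.
    words = msg.get("Subject", "").lower().split()
    if 0 < len(words) <= 2 and any(w.strip("!.:") in BEC_SUBJECT_WORDS for w in words):
        indicators.append("short BEC-style subject")

    # Wire-transfer language in the plain-text body.
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body else ""
    if "wire transfer" in text:
        indicators.append("wire transfer request in body")

    return indicators


def triage(raw_message: str) -> str:
    """Recommend an action: do not reply to a suspicious message; confirm out of band
    using the executive's address from the corporate address book."""
    indicators = bec_indicators(raw_message)
    if not indicators:
        return "No BEC indicators found"
    msg = email.message_from_string(raw_message, policy=policy.default)
    from_name, _ = parseaddr(msg.get("From", ""))
    contact = EXECUTIVES.get(from_name.strip().lower(), "the named sender")
    return (f"Do not reply; confirm with {contact} via the corporate address book "
            f"({len(indicators)} indicators: {', '.join(indicators)})")


# Constructed sample messages: one with the traits described in the article, one routine.
SAMPLE_BEC = """\
From: Jane Doe <jane.doe@mail-example.net>
Reply-To: ceo.jdoe@webmail-example.net
To: accounts@example.com
Subject: Urgent

Please process a wire transfer of 48,000 today and confirm by return email.
"""

SAMPLE_LEGIT = """\
From: Jane Doe <jane.doe@example.com>
To: accounts@example.com
Subject: Q3 budget review notes attached

Notes from this morning's review are attached.
"""

if __name__ == "__main__":
    for sample in (SAMPLE_BEC, SAMPLE_LEGIT):
        print(triage(sample))
```

The check deliberately keys on the display name rather than the address, because the spoofing the article describes relies on the reader trusting the name shown; the address-book lookup in `triage` is the out-of-band confirmation Symantec recommends, and the two-factor step for the transfer itself belongs in the payment system rather than in mail triage.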
