Phishing Scams Cost American Businesses Half A Billion Dollars A Year
These days, the FBI devotes a lot of time and effort to cybercrimes, particularly those they refer to as business email compromise scams. BECs are a type of phishing attack in which criminals target businesses that frequently send international wire transfers, and they can involve huge sums of money. A report issued this week by the Bureau reveals just how huge.
From October 2013 to December 2016, the FBI investigated just over 22,000 of these incidents involving American businesses. In total, they saw losses approaching $1.6 billion. That’s roughly $500 million every year being scammed and dollar figures involved have climbed sharply – up 2370% between Janury 2015 and last December.
No business is immune from BECs, it seems. There have been victims in all 50 states, and for the most part no one segment is targeted more frequently than another. Attackers are, however, giving more attention to parties involved in real estate transactions. Lawyers and realtors remained in the crosshairs, but the Internet Crime Complaint Center received almost five times as many reports from title companies last year.
It’s easy enough to see why real estate phishing is on the rise: large sums of money change hands and there are several potential weak links in the transaction process. Compromising any one of those with a successful phish of account details can give an attacker access to a trusted email address from which to launch the second stage of the attack. The fraudster can lie in wait skimming emails for information about a transaction and then send off fraudulent wire instructions to a buyer, seller, or escrow agent when the time is right.
The closing section of the FBI bulletin offers several tips for avoiding BECs, and they’re worth studying whether or not you own or operate a business. Among them: being more cautious when requests are urgent or secrecy is requested, closely scrutinizing any communications (sender’s email address, writing style, etc.) involving financial details, and implementing two-factor authentication to minimize the potential for account breaches.
The post Phishing Scams Cost American Businesses Half A Billion Dollars A Year appeared first on McAfee Blogs.