Cybercrooks take new approach to BEC: Ways to stay safe
Last year, the U.S. saw an “unprecedented” increase in malicious cyber activity, such as business email compromise (BEC). Crooks tried to gain access to W-2 info and other valuable data that employers possess. That’s according to the latest info from the FBI.
In 2021, the FBI’s Internet Crime Complaint Center (IC3) received 847,376 complaints – a 7% increase from 2020. Potential losses to businesses and the general public reached nearly $7 billion.
Once again, BEC was one of the top incidents reported to IC3.
But now, scammers have come up with some new and convincing ways to get your money, as revealed in the 2021 FBI Internet Crime Report.
New videoconferencing method
During the COVID-19 pandemic, in-person meetings got shut down, and telework and virtual communication skyrocketed. Cyber adversaries seized on that opportunity for business email compromise. Here’s how:
First, they compromised a CFO or CEO email and then used the email to request that employees participate in virtual meeting platforms. Next, the fraudsters inserted a still picture of the CFO or CEO with no audio or a “deep fake” audio. They’d claim the audio or video wasn’t working properly.
Finally, over the virtual meeting platform, the cyberthieves would give verbal instructions for employees to initiate wire transfers, or they’d communicate the request through the compromised email.
4 steps you can take
So, how can you protect your company from BEC schemes like this, so you don’t fall victim to cyberattacks?
- Contact your bank as soon as you find fraud. Request a recall or reversal. Ask for a Hold Harmless Letter or Letter of Indemnity.
- File a detailed complaint with IC3.
- Visit www.ic3.gov for public service announcements on new schemes.
- Don’t make any payment changes without verifying with the intended recipient first. Plus, double-check that email addresses are accurate, especially when using cell phones or other mobile devices.
Free Training & Resources
White Papers
Provided by Anaplan
Webinars
Provided by Insightsoftware
Further Reading
Hackers love attacking via email because of how easy it is to do. That’s why an ounce of email cyber security can prevent a ton of fr...
Whether they’re triggered by criminal fraud, duplicate charges, a technical glitch or a dissatisfied customer, credit card chargeback...
Increasingly clever cybercriminals are out to take your company’s money. They’d even stoop so low as hacking you with a purchase order ...
With remote work here to stay, A/P has to work harder to verify crucial information, such as vendor bank account numbers. Unfortunately,...
Financial crime is evolving faster than finance teams can keep up. Deepfakes fool executives into authorizing wire transfers. Synthetic ide...
The Securities and Exchange Commission (SEC) can no longer deny a party charged with securities fraud to a jury trial in a federal court. ...