Subscribe to Our Blog: SUBSCRIBE
Oct 10, 2018 BY Tim Foley

Business Email Compromise: A Growing Threat

Business email compromise attacks - or BEC - are not your father’s “Nigerian Prince” email scam. BEC attacks are strategic, effective, increasingly lucrative, and do not discriminate against industry or business size. As these attacks become more frequent, you must be diligent, skeptical, and cautious, and implement information system security best practices to avoid becoming a statistic.If your business operation relies heavily upon email communications, it’s important to know how to prevent business email compromise attacks.

What is a Business Email Compromise Attack? 

In a business email compromise attack, a cybercriminal hacks the corporate email account of an executive or other senior-level employee, and impersonates that person to defraud the company, its customers, partners, or employees into sending money or sensitive data. This type of Man-in-the-Middle business email compromise attack is sometimes referred to as a Man-in-the-Email attack because the hijacked communication stream always involves email communication. 

BEC by the Numbers.

Business email compromise attacks are becoming more common, so much so that both the FBI and information security companies have taken notice in the last several years. Based on the statistics the FBI has compiled, total global losses attributed to BEC now exceed $12.5 billion, which is up from $5.3 billion in 2016. 

Notable BEC Victims.

In 2015, the global toy company Mattel fell victim to a BEC attack resulting in the loss (and eventual return of) $3 million. In this attack, a cybercriminal posing as Mattel’s CEO, Christopher Sinclair, sent an email to Mattel’s finance executive requesting the wire transfer of $3 million to the Bank of Wenzhou in China. Fortunately, with the help of the FBI and the Bank of Wenzhou, they were able to retrieve the funds shortly thereafter. If your organization is wondering how to prevent business email compromise attacks, Dataprise CYBER’s managed security services can help.

How to Avoid Falling Victim to BEC Attacks. 

The best way to prevent business email compromise attacks is through comprehensive security management and training. With an ounce of prevention, you can avoid falling victim to one of these debilitating attacks. Educating your staff and implementing information security best practices, including 24x7 monitoring, are essential and proactive ways to protect yourself and your data. However, there are other methods, too.

I hosted a free webinar entitled “Think Like A Hacker: Unmasking Business Email Compromise” in which I went into greater detail about these attacks and the additional information and network security measures you can take to prevent them from happening to you. View our webinar HERE to learn more about business email compromise prevention.

Check Out Our Latest Cybersecurity Blogs
AWARD: Dataprise Cyber Named Top 200 MSSP

AWARD: Dataprise Cyber Named Top 200 MSSP

Sep 23, 2019 BY Dataprise CYBER
Dataprise Cyber was named a Top 200 Managed Security Services Provider (MSSP) for 2019 by MSSP Alert. Read more.
The Perimeter is Dead, Long Live the Perimeter

The Perimeter is Dead, Long Live the Perimeter

Sep 11, 2019 BY Tim Foley
Controlling access between the public internet and your internal systems lends to strong cyber defense. Click here to improve your perimeter defenses.
Key Data Breach Investigations Report (DBIR) Takeaways

Key Data Breach Investigations Report (DBIR) Takeaways

May 31, 2019 BY Tim Foley
The 2019 Verizon Data Breach Investigations Report has both repeated and new key findings about the state of information security. Read the summary of our findings here.
Subscribe to Our Blog: SUBSCRIBE