The 3 most common types of BEC

By Mailspike • March 17, 2021

Though BEC makes up only 7% of all phishing attacks, it has caused more than $26 billion in losses just in the last four years. Learn how to recognize such attacks and what you can do about them.

Over the past couple of years, scammers stole millions of dollars from businesses by compromising their official email accounts and using them to initiate fraudulent wire transfers. Scammers would typically impersonate high-level executives, send phishing emails from seemingly legitimate sources, and request wire transfers to alternate, fraudulent accounts. 


What is Business Email Compromise?

Business Email Compromise (BEC) is a type of scam that targets businesses that conduct wire transfers and have suppliers abroad. Corporate email accounts are compromised, either through keyloggers or phishing attacks, and then used to initiate fraudulent transfers, resulting in hundreds of thousands of dollars in losses. BEC scammers rely heavily on social engineering tactics to trick unsuspecting executives and employees. Often, they impersonate executives who are authorized to approve wire transfers. Before acting, scammers carefully research and closely monitor their target victims and their companies.


Though BEC makes up only 7% of all phishing attacks, it has caused more than $26 billion in losses in the last four years alone, according to the FBI. 91% of attacks happen on weekdays, since attackers try to mimic normal business behavior as closely as possible. The average Business Email Compromise attack targets no more than six employees. Almost all BEC attacks are framed as urgent requests in order to get a fast response. The costs and damages from BEC attacks are high: in the last year alone, the average amount lost per company to BEC attacks was $270,000. The damage is not only financial, however. The impacts include business interruption, data loss, reduced productivity, regulatory fines, and brand damage.

Here are three basic BEC attacks to watch out for:

  1. Fake Invoice Scam - This type of scam involves the impersonation of a company's trusted supplier. It relies on social engineering and is most often carried out using spoofed email. The attacker then requests that funds for an invoice payment be wired to a fraudulent account instead of the real supplier's legitimate one. Even giants like Google and Facebook have fallen victim to such a scam and lost over $100m.
  2. Wire Fraud Scam - In this type of attack, scammers impersonate higher-level executives (CEOs, CFOs, or COOs) of the targeted company. They appear to be handling urgent and confidential matters but are in fact running a scam. These messages request a wire transfer to an account under the scammers' control, with the urgent instruction that the funds be sent immediately.
  3. Human Resources Scam - In this type of attack, scammers pose as someone from a specific functional area in the company, such as HR. Unlike in the previous attacks, however, they ask for personally identifiable information instead of money. This can be even more damaging to the company than a request for money, as the information obtained can be monetized or used to carry out a larger attack.
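The three patterns above share a small set of observable indicators on the defender's side: a familiar display name on a mailbox the company does not own, a Reply-To that diverts answers elsewhere, a look-alike supplier domain, a request to change bank details, a request for employee records, and urgency language. The following triage heuristic is an added example, not Mailspike's code or part of the original article; the executive roster, supplier list, keyword sets, weights and the four sample messages are constructed for illustration and would be replaced by directory and vendor-master data in a real mail-filtering pipeline.

```python
"""Toy BEC triage: map inbound mail onto the three scam types in the article.

Added example (not Mailspike's code). All rosters, keyword lists, weights
and sample messages below are constructed assumptions.
"""
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed assumptions: executives who may appear as senders, with their
# real mailboxes, and the sending domains of trusted suppliers.
EXECUTIVES = {
    "jane doe": "jane.doe@example.com",  # CEO
    "bob lee": "bob.lee@example.com",    # CFO
}
KNOWN_SUPPLIERS = {"acme-parts.example"}

# Lure vocabulary for the three patterns (constructed, deliberately small).
URGENCY = re.compile(r"\b(urgent|immediately|asap|right away|today|confidential)\b", re.I)
PAYMENT = re.compile(r"\b(wire|transfer|payment|invoice|funds)\b", re.I)
NEW_ACCOUNT = re.compile(
    r"\b(new|updated|changed|alternate)\s+(bank|account|payment)\s+(details|account|info)\b", re.I)
PII = re.compile(r"\b(w-?2s?|ssn|social security|payroll|employee (records|list|data))\b", re.I)

WEIGHTS = {
    "executive display name from unexpected address": 4,
    "look-alike supplier domain": 4,
    "new or changed bank details": 3,
    "request for employee pii": 3,
    "reply-to differs from sender": 2,
    "payment language": 2,
    "urgency language": 1,
}


def indicators(raw: str) -> list:
    """Return the BEC indicators present in one RFC 5322 message."""
    msg = message_from_string(raw)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_addr, reply_addr = from_addr.lower(), reply_addr.lower()
    from_domain = from_addr.rpartition("@")[2]
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = f"{msg.get('Subject', '')}\n{body}"

    found = []
    # Wire fraud: a known executive's name on a mailbox we do not own.
    expected = EXECUTIVES.get(from_name.strip().lower())
    if expected and from_addr != expected:
        found.append("executive display name from unexpected address")
    # Replies quietly diverted to a mailbox other than the sender's.
    if reply_addr and reply_addr != from_addr:
        found.append("reply-to differs from sender")
    # Fake invoice: a supplier's first label reused under another domain.
    label = from_domain.split(".")[0]
    if from_domain not in KNOWN_SUPPLIERS and any(
            label == s.split(".")[0] for s in KNOWN_SUPPLIERS):
        found.append("look-alike supplier domain")
    if NEW_ACCOUNT.search(text):
        found.append("new or changed bank details")
    # HR scam: asks for employee data rather than money.
    if PII.search(text):
        found.append("request for employee pii")
    if PAYMENT.search(text):
        found.append("payment language")
    if URGENCY.search(text):
        found.append("urgency language")
    return found


def classify(found: list) -> str:
    """Map indicators onto the three scam types described in the article."""
    if "look-alike supplier domain" in found or "new or changed bank details" in found:
        return "fake invoice scam"
    if "request for employee pii" in found:
        return "human resources scam"
    if ("executive display name from unexpected address" in found
            and "payment language" in found):
        return "wire fraud scam"
    return "no bec pattern"


def triage(raw: str) -> dict:
    """Category, additive risk score and the indicators that produced it."""
    found = indicators(raw)
    return {"category": classify(found),
            "score": sum(WEIGHTS[r] for r in found),
            "indicators": found}


# Constructed sample messages, one per scam type plus a benign control.
SAMPLES = {
    "invoice": """\
From: "Acme Parts Billing" <billing@acme-parts.co>
To: ap@example.com
Subject: Invoice 4471

Please note our updated bank details below and wire payment for the
attached invoice today.
""",
    "ceo": """\
From: "Jane Doe" <jane.doe@ceo-mail.example>
To: controller@example.com
Subject: Urgent and confidential

I need you to wire a transfer immediately to close an acquisition.
I am in meetings all day, so do not call; just confirm when the funds are sent.
""",
    "hr": """\
From: "Bob Lee" <bob.lee@example.com>
Reply-To: hr-docs@mailbox.example
To: hr@example.com
Subject: Payroll audit

Send me the W-2s and SSN for every employee today so we can finish
the payroll audit.
""",
    "benign": """\
From: "Jane Doe" <jane.doe@example.com>
To: bob.lee@example.com
Subject: Board deck

The board deck for next week is in the shared folder; comments welcome.
""",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        result = triage(raw)
        print(f"{name:8} {result['category']:22} score={result['score']:2} {result['indicators']}")
```

The "hr" sample is worth noting: it comes from the CFO's genuine mailbox, which is exactly the compromised-account case the article describes, so display-name checks alone would pass it. It is caught only because the Reply-To points elsewhere and the body asks for employee records, which is why a triage rule should combine header and content indicators rather than rely on either alone.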


A robust email security system will keep every message and your system protected.

Author: Mailspike

The Anubis Labs team is tasked with the ongoing effort to discover new threats, track and collect intelligence about malware and botnets, and figure out the best approach to giving our customers good insight into their threat landscape.