[img src=”/wp-content/uploads/sites/1097/2017/05/ProvidenceConsulting_CEOFraudEmailScam-blogpost.jpg” class=”aligncenter”]
There is no better budget ammo for new-school security awareness training than to prevent phishing attacks.
Attempts at cyber wire fraud, using spoofed email to impersonate a C-level executive or trusted business associates, surged in the last seven months of 2016, the FBI said in a May 4, 2017 warning.
Cyber criminals tried to steal 5.3 billion dollars through schemes what the FBI calls “business email compromise” — also known as CEO fraud — in a new report at its Internet Crime Complaint Center.
The figure is up sharply from previous FBI reports which showed cyber scammers attempted to steal $3.1 billion from October 2013 through May 2016.
The Number of Cases Doubled
The number of business-email compromise cases, in which cyber criminals request wire transfers in emails that look like they are from senior corporate executives or business suppliers who regularly request payments, almost doubled from May to December of last year, rising to 40,203 from 22,143, the FBI said.
The survey does not track how much money was actually lost to criminals. However, the FBI said that about one in four U.S. victims respond by wiring money to fraudsters. Victims have about 24 hours to try to claw back the money, but if it gets past that deadline, the risk of losing everything is high because the bad guys have likely cashed out by that time.
Incidents Known to FBI Are Just 20% of Total
Robert Holmes, a Proofpoint Inc, business email compromise researcher estimates that the incidents known to the FBI are just 20 percent of the total, and that total actual losses could be as much as double the figures reported.
“The losses are growing as scammers become more sophisticated, delving deeper into corporate finance departments to find susceptible targets. This is not a volume play; it’s a carefully researched play,” he said.
The United States is by far the biggest target market, though cyber gangs have started to expand in other countries like Australia, the U.K., France and Germany, Holmes said.
The U.S. Department of Justice said in March that it had charged a Lithuanian man with orchestrating a fraudulent email scheme that had tricked agents and employees of Facebook and Google into wiring more than $100 million to overseas bank accounts.
Domain Spoof Test
See if your organization can have their emails spoofed easily. Providence Consulting offers a one-time free testing service that lets you address your email service configuration issues.
Click https://www.makingtecheasy.com/domain-spoof-test/ to schedule your test today.