
What is a BEC Scam?




The news has been full of reports of a form of cyber fraud that is growing fast because the returns are too lucrative for criminals to pass up. In June 2016 the FBI reported that business e-mail compromise (BEC) had cost businesses $3.1 billion since October 2013. BEC fraud is also referred to as 'CEO fraud' or a 'whaling attack'.

Recent cases include aerospace supplier FACC, which lost $54.5 million to the scammers, and cable manufacturer Leoni, which lost $44.6 million.

The FBI defines the now infamous BEC scam as follows:

“The schemers go to great lengths to spoof company e-mail or use social engineering to assume the identity of the CEO, a company attorney, or trusted vendor. They research employees who manage money and use language specific to the company they are targeting, then they request a wire fraud transfer using dollar amounts that lend legitimacy.
There are various versions of the scams. Victims range from large corporations to tech companies to small businesses to non-profit organizations. Many times, the fraud targets businesses that work with foreign suppliers or regularly perform wire transfer payments.”
https://www.fbi.gov/contact-us/field-offices/phoenix/news/press-releases/fbi-warns-of-dramatic-increase-in-business-e-mail-scams

In over 40 percent of cases it is the company CFO who receives the fraudulent e-mail urging a transfer of funds. Finance directors and controllers are also frequently targeted.
http://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/billion-dollar-scams-the-numbers-behind-business-email-compromise

Before defrauding their victims, BEC scammers typically carry out substantial reconnaissance and social engineering to learn the intricacies of the target business, particularly the personnel and approval mechanisms involved in transferring funds.
 
The FBI have identified the following common BEC scenarios:

Foreign Supplier Fraud

A longstanding supplier suddenly requests that an invoice be paid by wire to an alternate, fraudulent account. The request is usually sent from a spoofed e-mail account with content designed to mimic a legitimate request, though scammers may also telephone or send a fraudulent facsimile.

Compromised Executive Email

Attackers compromise the e-mail accounts of senior executives such as the CFO or CTO and then send a request for a wire transfer to a second employee, the person within the company responsible for processing such requests. The criminals may also send a request directly to the company's financial institution, instructing it to send the money to an alternate account.

Fraudulent Correspondence through Compromised E-mail

An employee of a business has his/her personal e-mail hacked. This personal e-mail may be used for both personal and business communications. Requests for invoice payments to fraudster-controlled bank accounts are sent from this employee’s personal e-mail to multiple vendors identified from this employee’s contact list. The business may not become aware of the fraudulent requests until that business is contacted by a vendor to follow up on the status of an invoice payment.

Attorney Impersonation

Victims report being contacted by fraudsters, who typically identify themselves as lawyers or representatives of law firms and claim to be handling confidential or time-sensitive matters. This contact may be made via either phone or e-mail. Victims may be pressured by the fraudster to act quickly or secretly in handling the transfer of funds. This type of BEC scam may occur at the end of the business day or work week and be timed to coincide with the close of business of international financial institutions.
https://www.ic3.gov/media/2016/160614.aspx


Readers are advised to be wary of wire transfer requests that arrive by e-mail only, or that stress urgency or secrecy, and to do the following:
  • Pick up the phone and verify the request with the business partner using a number you already hold, not one supplied in the e-mail.
  • Be cautious of mimicked e-mail addresses: lookalike domains, a Reply-To that points somewhere other than the From address, and free webmail accounts claiming to belong to executives.
  • Require multi-factor authentication on e-mail accounts and a two-step verification process for payments.
  • Verify any change in vendor payment details with a secondary sign-off by company personnel before the first payment to the new account.
  • Know your customers' and vendors' habits, including the details, patterns and reasons behind their payments, so that an out-of-character request stands out.
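The checklist above can be partly automated on the inbound side. The following is an added example, not code from the original post or from the FBI, showing how a mailbox filter or SOC triage script might score a payment request for the BEC hallmarks listed: a Reply-To that diverts replies away from the From domain, a From domain that mimics a trusted one (homoglyph swaps such as rn for m, or a one- or two-character edit), urgency or secrecy language, and payment instructions. The trusted-domain list, the homoglyph table and the three sample messages are all constructed for the example; a real deployment would feed it your own vendor list and raw messages from the mail gateway.

```python
"""Triage an inbound message for BEC hallmarks (constructed example).

Checks performed:
  * Reply-To domain differs from the From domain, so replies go elsewhere.
  * From domain imitates a trusted domain (homoglyph swap or edit distance <= 2).
  * Urgency or secrecy language in the subject or body.
  * Payment or bank-detail instructions that warrant out-of-band verification.
"""
import email
import re
from email import policy
from email.utils import parseaddr

# Assumed list of your own and your vendors' legitimate domains.
TRUSTED_DOMAINS = {"example-corp.com", "acme-supplier.com"}

URGENCY = re.compile(r"\b(urgent|immediately|asap|today|confidential|do not discuss)\b", re.I)
PAYMENT = re.compile(
    r"\b(wire|transfer|iban|beneficiary|bank (?:account|details)|new account|invoice)\b", re.I)

# Character sequences scammers substitute to forge a visually similar domain (assumed table).
HOMOGLYPHS = {"rn": "m", "vv": "w", "cl": "d", "0": "o", "1": "l", "5": "s"}


def edit_distance(a, b):
    """Levenshtein distance; domains are short, so the O(len(a)*len(b)) table is fine."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize(domain):
    """Collapse common homoglyph tricks so acrne.com compares equal to acme.com."""
    d = domain.lower()
    for fake, real in HOMOGLYPHS.items():
        d = d.replace(fake, real)
    return d


def lookalike_of(domain, trusted=TRUSTED_DOMAINS):
    """Return the trusted domain that `domain` imitates, or None if `domain`
    is itself trusted or is not close to anything trusted."""
    if domain in trusted:
        return None
    for t in trusted:
        if normalize(domain) == normalize(t) or edit_distance(domain, t) <= 2:
            return t
    return None


def domain_of(header_value):
    """Domain part of the first address in a From/Reply-To header, or ''."""
    addr = parseaddr(str(header_value))[1]
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def analyze(raw_message, trusted=TRUSTED_DOMAINS):
    """Return {finding: detail} for one RFC 5322 message; an empty dict means clean."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = {}
    from_dom = domain_of(msg.get("From", ""))
    reply_dom = domain_of(msg.get("Reply-To", ""))
    if reply_dom and reply_dom != from_dom:
        findings["reply-to-mismatch"] = f"replies go to {reply_dom}, not {from_dom}"
    target = lookalike_of(from_dom, trusted)
    if target:
        findings["lookalike-domain"] = f"{from_dom} imitates {target}"
    body = msg.get_body(preferencelist=("plain",))
    text = str(msg.get("Subject", "")) + "\n" + (body.get_content() if body else "")
    urgency = URGENCY.search(text)
    if urgency:
        findings["urgency-language"] = urgency.group(0)
    payment = PAYMENT.search(text)
    if payment:
        findings["payment-instruction"] = payment.group(0)
    return findings


# Constructed sample messages, not real traffic.
LEGIT = """\
From: Jane Doe <jane.doe@acme-supplier.com>
To: ap@example-corp.com
Subject: Q3 review agenda

Attached is the agenda for Thursday's review meeting.
"""

SPOOFED_VENDOR = """\
From: Jane Doe <jane.doe@acrne-supplier.com>
Reply-To: <jane.doe.acme@mail-relay.example>
To: ap@example-corp.com
Subject: URGENT: updated bank details for invoice 4471

Please wire the invoice payment to our new account (IBAN below) today
and keep this confidential until our audit is complete.
"""

IMPERSONATED_EXEC = """\
From: CEO <ceo@example-corp.com>
Reply-To: <ceo.example-corp@webmail.example>
To: cfo@example-corp.com
Subject: Confidential transfer

I need you to transfer 48,000 to the beneficiary below immediately. Do not discuss with anyone.
"""

if __name__ == "__main__":
    for name, raw in [("legit", LEGIT), ("spoofed vendor", SPOOFED_VENDOR),
                      ("impersonated exec", IMPERSONATED_EXEC)]:
        print(name, "->", analyze(raw) or "no findings")
```

Any message with a lookalike domain or a Reply-To mismatch plus payment language is a candidate for the phone call the first bullet recommends; the script only raises the flag, it does not replace the out-of-band check.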





