Updated: Jul 31
A Business Email Compromise, also called BEC for short, has been dubbed by experts as one of the largest growing schemes in cybercrime due to its high success rates, ease of implantation, and massive payouts for the criminals.
In a BEC attack, cybercriminals obtain access to your REAL email account by malicious means or even purchasing reused credentials of yours from leaks on the Dark Web. Once they are into your account, they lay dormant and often undetected for weeks or even months. During this time, they are collecting valuable information about your company, your employees, your operation’s intricacies, and normal finance/payment procedures.
They watch your everyday communications with your team, waiting for the perfect opportunity to arise. Then, they interject themselves in a legitimate conversation regarding payment of an invoice and state (from your actual email account) that funds need to be sent to a “new” bank account. And just like that, tens of thousands of dollars are gone without a trace.
Unfortunately, there is little to no recourse for getting your hard-earned stolen funds back. The FDIC and your bank do NOT cover this type of fraud. Cyber insurance may, however the vast majority of businesses we have worked with did not carry this type of coverage prior to consulting with us. The best cure is always prevention – in this case preventing these criminals from getting into your email in the first place and having all staff trained on what red flags to be watching out for.
Are you worried and ready to protect your business from this growing threat?