BEC is a growing type of cybercrime that generates billions in losses each year. It also increasingly involves cryptocurrency, which gives cybercriminals an extra layer of anonymity.


The Federal Bureau of Investigation issued a report saying there had been a 65% increase in identified global exposed losses from business email compromise fraud, also known as email account compromise. This large increase may be due in part to the COVID-19 pandemic, as restrictions forced more workplaces and individuals to conduct routine business virtually.

Statistics collected by the FBI's Internet Crime Complaint Center (IC3), by law enforcement, and from filings with financial institutions between June 2016 and December 2021 show a total of 241,206 domestic and international incidents, with an exposed loss of $43,312,749,946.


Between October 2013 and December 2021, there were 116,401 complaints to IC3 from victims in the United States and 5,260 from victims outside the United States. The reported loss to US victims is nearly $15 billion, while the reported loss to non-US victims is just over $1.2 billion.

What is BEC?

Business email compromise is a complex scam aimed at companies and individuals who carry out legitimate requests to transfer funds.

Through social engineering or malicious software, cybercriminals impersonate one of the people involved in these transfers in order to get the victim to send the money to a bank account owned by the cybercriminals.

Once the fraud is discovered, it is often too late to recover the money, as the fraudsters quickly move the funds to other accounts and withdraw cash or buy cryptocurrency with them.

The fraud does not always involve a money transfer, however. According to the agency, one variant involves compromising legitimate business email accounts and requesting employees' personal information, wage and tax statement (W-2) forms, or even cryptocurrency wallets.

Cryptocurrency is increasingly involved in BEC campaigns

Cybercriminals running BEC campaigns are increasingly using cryptocurrency, as cryptocurrency transactions provide more anonymity than regular bank transfers.

Image: FBI / IC3. Increase in reported cryptocurrency losses related to BEC complaints.

IC3's tracking of some iterations of this scam reveals two different methods.

The direct transfer method mirrors the traditional pattern of past BEC incidents. A cybercriminal sends altered wire instructions to the victim and uses social engineering to get him or her to send a payment to a cryptocurrency custodial account controlled by the bad actor.

The second method is called second hop transfer. In this attack, fraudsters use victims of other cybercrimes. The bad actor sends altered instructions to the victim so that he or she sends payment to a second victim whose PII is held by the attacker. The funds are then transferred to a cryptocurrency account controlled by the cybercriminal, who can then cash them out however he wishes. The people in this additional layer, who act as proxies for the funds, are often victims of extortion, romance fraud or tech support fraud and have provided all the necessary PII to the threat actor.

How to protect yourself from BEC fraud

  • Use secondary channels or multi-factor authentication to verify requests for changes to account information. Make sure the request for change comes from a legitimate person. If in doubt, do not make the transfer.
  • Make sure the email is legitimate. Carefully check the links included in the email and check all of the email's properties. You can ask your IT security or CSIRT staff to analyze the email and confirm that it is legitimate. If there are attachments, use sandboxes and malware analysis products to make sure the file is not malicious. Once again, request a manual check from the IT security staff.
  • Do not send PII by email, especially login credentials. Keep in mind that most requests for such information by email are fraud attempts, even if they appear to come from a legitimate trusted entity.
  • Regularly monitor all financial accounts of the company for irregularities, especially for missing deposits.
  • Update all your software and operating systems. In some cases, BEC cybercriminals may try to infect computers with malware, usually information stealers.
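
One way to automate the "check all of the email's properties" step before a manual review, as an added example that is not part of the original article. The sample message, the `mx.example.com` authserv-id and the function names are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not real traffic); all domains are reserved placeholders.
SAMPLE = """\
From: "Jane Doe, CFO" <jane.doe@example.com>
Reply-To: jane.doe@example.org
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=example.com
Subject: Updated wire instructions
To: ap@example.com

Please use the new account details for today's payment.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def auth_results(msg, trusted_id):
    """Collect spf/dkim/dmarc verdicts stamped by our own receiving server."""
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        authserv, *parts = header.split(";")
        if authserv.strip().lower() != trusted_id:
            continue  # senders can forge this header; skip foreign authserv-ids
        for part in parts:
            method, _, rest = part.strip().partition("=")
            if method in ("spf", "dkim", "dmarc") and rest:
                verdicts.setdefault(method, rest.split()[0].lower())
    return verdicts

def review_headers(raw, trusted_id="mx.example.com"):
    """Return findings that warrant a manual check before acting on the email."""
    msg = message_from_string(raw)
    findings = []
    from_dom = domain_of(msg["From"])
    for name in ("Reply-To", "Return-Path"):
        dom = domain_of(msg[name])
        if dom and dom != from_dom:
            findings.append(f"{name} domain {dom} differs from From domain {from_dom}")
    verdicts = auth_results(msg, trusted_id)
    for method in ("spf", "dkim", "dmarc"):
        if verdicts.get(method, "missing") != "pass":
            findings.append(f"{method} result is {verdicts.get(method, 'missing')}")
    return findings

if __name__ == "__main__":
    print("\n".join(review_headers(SAMPLE)))
```

A differing Return-Path domain is common for legitimate mail sent through a third-party service, so each finding is a prompt for the secondary-channel verification in the first item, not a verdict.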

Disclosure: I work for Trend Micro, but the views expressed in this article are mine.

FBI: $43 billion in losses are due to Business Email Compromise fraud between 2016 and 2021
