Business email compromise

From Wikipedia, the free encyclopedia
  (Redirected from Business Email Compromise)
Jump to navigation Jump to search

Business email compromise (BEC) is a form of email fraud. Typically it involves targeting employees with access to company finances and using social engineering to trick them into making money transfers to the bank accounts of the fraudster. Often email spoofing is used to create an email pretending to be from the CEO, or a trusted customer.[1]

The worldwide financial impact is large, with the US's FBI in 2017 reporting losses, "...now totaling over $3 billion.”[2]

From 2016 to 2018 BEC made over $5 billion. By 2020 there are expected to be 20 billion connected IoT devices, making it easier for adversaries to successfully carry out ransomware attacks including BEC[3].

Incidents[edit]

See also[edit]

References[edit]

  1. ^ Joan Goodchild (20 June 2018). "How to Recognize a Business Email Compromise Attack". Security Intelligence. Retrieved 11 March 2019.
  2. ^ "Business E-Mail Compromise". FBI. Retrieved 20 December 2018.
  3. ^ Uzialko, Adam (June 14, 2018). "19 Small Business Trends and Predictions for 2018" (PDF). Business News Daily. Retrieved February 24, 2019.
  4. ^ Breen, Stephen (21 December 2017). "Dublin Zoo hit by cyber criminals in suspected €500k..." The Irish Sun. Retrieved 20 December 2018.
  5. ^ "Austria's FACC, hit by cyber fraud, fires CEO". Reuters. 26 May 2016. Retrieved 20 December 2018.
  6. ^ "Te Wananga o Aotearoa caught up in $120k financial scam". NZ Herald. Retrieved 20 December 2018.
  7. ^ "Fire Service scammed out of $52,000". RNZ News. 23 December 2015. Retrieved 20 December 2018.
  8. ^ Hackett, Robert (August 10, 2015). "Fraudsters duped this company into handing over $40 million". Fortune magazine. Retrieved 20 December 2018.
  9. ^ Wallack, Todd (13 December 2018). "Hackers fooled Save the Children into sending $1 million to a phony account". The Boston Glob. Retrieved 20 December 2018.