Business email compromise schemes steal billions from companies every year. Bright idea: Set up a “safe word” with anyone with finance access. If you ask an employee to make a big transaction on your behalf, it’s a no-go unless you say something like, “Transfer the cash. Pineapple.”
This tricky email scam can fool just about anyone
Business email compromise (BEC) is one of the leading causes of company fraud, and the threat is growing. These are phishing emails where scammers pretend to be someone who works in your company to steal vital information or rip you off financially.
Read on to discover why BEC scams are rising and get a few suggestions to avoid falling victim.
BEC phishing emails on the rise
Phishing emails are usually designed to trick the receiver into clicking a malicious link, downloading malware or supplying sensitive information. In a twist on these old scams, criminals are now targeting employees with BEC phishing emails.
Thieves spend some time getting to know the ins and outs of a company before targeting employees. Then they send emails pretending to be coworkers or even your boss in hopes of catching you off guard.
BEC emails can contain PDF or Word documents that claim to be payment confirmations, purchase orders or delivery receipts. But once you click the link, it infects your device with malware. Some schemes skip malware altogether and request payment from company funds.
According to cybersecurity company Abnormal Security, impersonating a company executive through phishing emails is on the rise. What makes it even scarier is that many of these emails are convincing, and almost anyone could fall for them.
“The median open rate for text-based business email compromise attacks involving the impersonation of internal executives and external third parties was nearly 28%, with an overall average read rate of 20%,” it explains in a blog post.
By impersonating an executive, scammers send emails to suppliers, finance departments or customers, asking about an outstanding payment and informing them about the company’s new banking details.
And that’s how the latest scams work. No malicious links, attachments, or malware are needed. If the recipient doesn’t follow simple security measures, they could hand over company details or even finances without suspicion.
Another issue Abnormal Security warned about is the lack of reporting by employees. Employees report only 2.1% of BEC attacks to their company. That’s terrible!
If you think you’ve received a BEC scam email, report it to IT ASAP. That way, IT can let other employees know what to watch for to protect the company. Even if it turns out not to be a BEC scam, it’s good to let your company know. It’s always better to be safe than sorry.
6 data breach dangers lurking in your home and office
Hollywood has helped create an image that instantly pops into our minds when we hear the term cyberattack. Many of us think of a group of devious hackers led by the likes of Hans Gruber from “Die Hard.” While people like Gruber exist, most cybercriminals are simply common thieves looking to rip people off.
Scammers have a clever new trick to steal money: Video chats
Business email compromise (BEC) is one of the leading causes of company fraud, and it’s only growing. These are phishing emails where scammers pretend to be someone who works in your company to steal important information or rip you off financially. Tap or click here for ways to spot fake business emails.
Warning: 3 scams sitting in your inbox or following you online
If you think you’re immune to the biggest scams making the rounds on the web, think again. Just this week, the FBI exposed a scam campaign affecting at least 150 different companies — and hackers behind it have already banked more than $15 million from their efforts.
5 scams spreading online that can cost you thousands
We know that scams are rampant, but so many Americans still fall for them. Think you’re immune? Take Google’s scam spotter quiz and see if you can pass it.
You may have noticed that the number of robocalls slowed down when the pandemic hit. As call centers reopen around the world, robocalls are increasing. Tap or click here for proven ways to stop annoying robocalls for good.
FBI warning: Avoid these Microsoft and Google scams
Google and Microsoft are taking bold stances in the face of the coronavirus outbreak. Rather than upcharge customers forced to work from home, they’re actually offering their premium business services for free. This makes it easier for employees to operate remotely across the country.