sb-as logo
Story image

BEC scams targeting a business near you

Symantec have found that more than 400 companies are targeted with business email compromise (BEC) scams every day.

BEC scams are low-tech financial fraud in which hoax emails from CEOs are sent to financial staff to request transfers of large amounts of money.

These scams don’t require a huge breadth of skill, but the financial rewards for the fraudsters can be extremely high.

According to Symantec, an Austrian aerospace manufacturer recently fired its president and CFO after it lost almost US$50 million to BEC fraudsters.

So who’s being hit by these scams? And who are the people behind them? Here are some key findings:

Small and medium sized businesses are being targeted the most

Almost 40% of identified victims are small to medium sized businesses. The next largest category of victim is the financial sector, at 14%.

Organisations have lost over $3 billion US dollars to BEC scams

BEC is an evolution of the infamous Nigerian 419 scams 

According to Symantec, the Nigerian 419 scams were one of the first email financial scams. Emails were sent to individuals promising them riches in return for a small donation to help a fictional Nigerian prince. These scammers are now targeting businesses, using less elaborate tricks to get them to transfer the money. 

"Request” is the most common subject line

Symantec also found that BEC scammers like to keep things simple. Generally emails contain a single-word subject line, with one or more of the following words: request, payment, urgent, transfer, enquiry.

To protect yourself from BEC scams Symantec suggest you:

  • Question any emails requesting actions that seem unusual or aren’t following normal procedures
  • Users shouldn’t reply to any emails that seem suspicious. Obtain the sender’s address from the corporate address book and ask them about the message
  • Use two-factor authentication for initiating wire transfers

If you're afraid that you have in fact been a victim of BEC fraud, get in contact with your bank and local law enforcement ASAP.  

Story image
2020's nastiest malware revealed
"Cybercriminals are relying on same old tricks to secure their financial treats, because they continue to be successful."More
Story image
Cybersecurity market continues meteoric ascent
With the increase in cyberattacks, organisations are continuing to spend more money on security. However, without a focused cybersecurity strategy, they often spend it in the wrong areas.More
Story image
How to address cyber-threats as a strategic risk
Becoming a cyber-secure organisation in the face of an evolving threat landscape requires a strategic, business-focused approach to security as opposed to a tactical approach in which security is addressed simply by implementing new tools.More
Story image
Financial institutions in APAC region to invest millions in fraud prevention
"The pandemic is creating a lot of uncertainty, but the majority of FIs in APAC recognise that an end to end fraud management platform is strategic to differentiating themselves from the highly disruptive landscape they are playing in."More
Story image
Lumen launches managed security services for APAC market
The new service is designed to provide enterprise businesses with a proactive, connected security strategy to enhance threat detection and protection across endpoints. More
Story image
Why organisations should wise up to the DDoS extortion trend
While it is essential to have a DDoS mitigation solution in place, it’s also important to test that it works as expected, writes NCC Group director of technical security consulting for Asia Pacific Tim Dillon.More