Business Email Compromise (BEC) scams have increased in volume and value over the last two years, with new data showing cybercriminals make over $300 million per month from US victims alone. 

The Financial Crimes Enforcement Network (FinCEN), a bureau of the US Department of Treasury, recently revealed that the number of BEC reports has skyrocketed, from 500 per month in 2016 to over 1,100 last year. The value of BEC thefts has also increased over the same period, from $110 million per month to $301 million. 

The manufacturing and construction sector were the most targeted industries in 2017 and 2018, accounting for over a fifth of reports during this time period. The commercial services industry was the second most targeted industry in 2018. Commercial services includes shopping centers, entertainment facilities, and lodging. This sector was followed by the real estate industry, which was attacks triple from 6% in 2017 to 18% in 2018. 

FinCEN claims that the majority of BEC attacks (73%) involved scammers receiving funds into US accounts, rather than ones overseas. They also noted that industries that are common in particular states more than likely represent the most targeted companies in each state (IE. Financial firms in New York). 

CEO impersonation accounted for 33% of scams in 2017, but shrunk to 12% in 2018, while the use of fraudulent vendor or client invoices increased from 30% to 39% over the period. Impersonation of an outside entity was 20% in 2018, but was not noted in 2017. 

Earlier this year, the FBI issued a warning claiming the losses and potential losses reported as a result of BEC scams hit over $12 billion globally. The report also found that the real estate industry is increasingly being targeted by hackers, claiming, "From calendar year 2015 to calendar year 2017, there was over an 1100% rise in the number of BEC/EAC victims reporting the real estate transaction angle and an almost 2200% rise in the reported monetary loss."

The best approach to handling BEC attacks is to accept that humans will make mistakes but to recognize that checks and balances are essential to staying safe from an attack. File Integrity Monitoring is advocated as an essential security defense by all leading authorities, such as NISTCIS, and the PCI Security Standards Council. Introducing NNT’s real-time FIM  solution into your IT Environment will ensure that a secure, hardened build standard is maintained at all times, and if any changes are made in underlying core file systems, you’ll be notified in real-time and able to take action before any serious harm is done.

 

 

 

 

The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

USA Offices

New Net Technologies LLC
4850 Tamiami Trail, Suite 301
Naples, Florida, 34103

New Net Technologies LLC
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358
[email protected]

 

UK Office

New Net Technologies Ltd
The Russell Building, West Common
Harpenden, Hertfordshire
AL5 2JQ

Tel: 020 3917 4995
 [email protected]

SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2022, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.