Business Email Compromise (BEC) scams have increased in volume and value over the last two years, with new data showing cybercriminals make over $300 million per month from US victims alone. 

The Financial Crimes Enforcement Network (FinCEN), a bureau of the US Department of Treasury, recently revealed that the number of BEC reports has skyrocketed, from 500 per month in 2016 to over 1,100 last year. The value of BEC thefts has also increased over the same period, from $110 million per month to $301 million. 

The manufacturing and construction sector were the most targeted industries in 2017 and 2018, accounting for over a fifth of reports during this time period. The commercial services industry was the second most targeted industry in 2018. Commercial services includes shopping centers, entertainment facilities, and lodging. This sector was followed by the real estate industry, which was attacks triple from 6% in 2017 to 18% in 2018. 

FinCEN claims that the majority of BEC attacks (73%) involved scammers receiving funds into US accounts, rather than ones overseas. They also noted that industries that are common in particular states more than likely represent the most targeted companies in each state (IE. Financial firms in New York). 

CEO impersonation accounted for 33% of scams in 2017, but shrunk to 12% in 2018, while the use of fraudulent vendor or client invoices increased from 30% to 39% over the period. Impersonation of an outside entity was 20% in 2018, but was not noted in 2017. 

Earlier this year, the FBI issued a warning claiming the losses and potential losses reported as a result of BEC scams hit over $12 billion globally. The report also found that the real estate industry is increasingly being targeted by hackers, claiming, "From calendar year 2015 to calendar year 2017, there was over an 1100% rise in the number of BEC/EAC victims reporting the real estate transaction angle and an almost 2200% rise in the reported monetary loss."

The best approach to handling BEC attacks is to accept that humans will make mistakes but to recognize that checks and balances are essential to staying safe from an attack. File Integrity Monitoring is advocated as an essential security defense by all leading authorities, such as NISTCIS, and the PCI Security Standards Council. Introducing NNT’s real-time FIM  solution into your IT Environment will ensure that a secure, hardened build standard is maintained at all times, and if any changes are made in underlying core file systems, you’ll be notified in real-time and able to take action before any serious harm is done.

 

 

 

 

Contact Us

USA Offices

New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108

New Net Technologies LLC
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358
[email protected]

 

UK Office

New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 020 3917 4995
 [email protected]

SC Magazine Cybersecurity 500 Infosec Security Winners 2018 CIS benchmarking SEWP Sans Institute Now Certified IBM Security
Copyright 2020, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.