Menu
Business email scams have led to $2.3 billion losses via rogue wire transfers

Business email scams have led to $2.3 billion losses via rogue wire transfers

The number of companies that wired money as a result of email scams has grown 270 percent since January 2015

Over the past two and a half years, cybercriminals have managed to steal over $2.3 billion from thousands of companies worldwide by using little more than carefully crafted scam emails.

Known as business email compromise (BEC), CEO fraud or whaling, this type of attack involves criminals impersonating an organization's chief executive officer, or some other high-ranking manager, and instructing employees via email to initiate rogue wire transfers.

According to an alert issued earlier this week by the FBI, between October 2013 and February 2016, 17,642 organizations from the U.S. and 79 other countries have fallen victim to BEC attacks. The combined losses amount to over $2.3 billion, the agency said.

The scams can take different forms. Instead of an executive, the fraudsters can pose as one of the organization's foreign business partners or suppliers seeking a payment. The attackers usually do a lot of research about the targeted companies in advance to determine which of their employees handle money transfers and who they should impersonate.

In the more advanced attacks, the hackers can compromise the real email account of a company's CEO by using phishing or malware. This allows them to send wire transfer requests from the actual email address that the recipient would expect to see. In other cases they use similar domain names or address spoofing techniques.

Sometimes, the attackers gain access to a company's network or email server weeks in advance and spend time reading the emails sent between employees to understand the organization's internal workflows before they act.

The amount of the rogue transfers can range between a few thousand dollars to a few million depending on the victim's organization's size and industry profile.

Last week, AP reported that back in 2015, a finance executive from toy maker Mattel wired $3 million to a bank in China after falling victim to such an email scam. The unnamed employee received an email that appeared to be from Mattel's newly appointed CEO requesting that a payment be made to a Chinese vendor.

Reports earlier this year claimed that Belgian bank Crelan lost €70 million and Austrian airplane parts manufacturer FACC Operations lost 50 million following similar attacks.

According to the FBI's statistics, since January 2015 there has been a 270 percent rise in the number of BEC victims and losses. The agency advises organizations to be wary of wire transfer requests received via email, especially of those that invoke urgency. Employees should seek confirmation over the phone from the company's senior managers, business partners or suppliers when such requests are received.


Follow Us

Join the newsletter!

Error: Please check your email address.

Featured

Slideshows

Channel celebrates as HP marks 50 years in NZ

Channel celebrates as HP marks 50 years in NZ

HP marked 50 years in New Zealand at an event in the vendor's Auckland's headquarters last night, with a host of key channel figures coming along to celebrate. Photos by HP.

Channel celebrates as HP marks 50 years in NZ
EDGE 2017 - Icebreaker Sessions round 2

EDGE 2017 - Icebreaker Sessions round 2

EDGE guests experience the value of networking at the second round of Icebreaker sessions.. Photos by Maria Stefina

EDGE 2017 - Icebreaker Sessions round 2
EDGE 2017 Dinner Under the Stars

EDGE 2017 Dinner Under the Stars

EDGE's Day 2 keynote and breakout sessions were followed by the Dinner Under the Stars. Over 300 people were present to enjoy a seafood feast and lots of excitement at Hamilton Island's Bougainvillea Marquee. Photos by Maria Stefina.

EDGE 2017 Dinner Under the Stars
Show Comments