Business E-mail and Email Account Compromise

You get an email from a potential client that requests a wire money transfer by the end of the day. The e-mail looks like it is from a legitimate client. When a request such as this is rushed, it is a good idea to investigate. Check to see if the e-mail is coming from an actual email server, ask for more information from the potential client, and do not trust odd requests from unknown sources.

Business E-mail Compromise (BEC) and E-mail Account Compromise (EAC) are scams targeted at companies which perform wire transfer payments. The subject uses fraudulent techniques, such as email phishing and impersonation via facsimile or phone, to conduct unlawful transfer of funds from the targeted business. See the chart below for more statistics on BEC/EAC complaints.

According to an IC3 report, victims of BEC/EAC range from small to large businesses and are in no particular target market, making these attacks impossible to predict. To avoid becoming one of the 22,292 U.S. victims from October 2013 to December 2016, take these steps: avoid free web-based email accounts, report and delete spam e-mails from unknown parties, be wary of all e-mail requests for the transfer of funds, and educate your employees on cyber safety.

bec-aec-stats-e1495140788275.png

IC3 Statistics on BEC/EAC complaints

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s