We have consistently reported about increased phishing attacks through emails that purport to come from high level executives, including CEOs. According to the FBI, the hackers use sophisticated social engineering to spoof company emails to “assume the identity of the CEO, a company attorney, or trusted vendor. They research employees who manage money and use language specific to the company they are targeting, then they request a wire fraud transfer using dollar amounts that lend legitimacy.”
It is such a problem that the FBI has issued another warning about the scams saying that there has been “a dramatic rise in the business e-mail compromise scam or “B.E.C.,” a scheme that targets businesses and has resulted in massive losses.”
The FBI states that it has received complaints from victims in every state in the U.S. and at least 79 countries, from 17,642 victims.
The losses associated with the email scams total more than $2.3 billion.
The most shocking statistic is that the FBI has seen a 270% increase in identified victims and exposed loss.
We too have seen a dramatic increase in phishing scams. Even the smallest of companies can be a victim. Employee awareness and education is key to combating these schemes. Other tips from the FBI:
- Be wary of e-mail-only wire transfer requests and requests involving urgency
- Pick up the phone and verify legitimate business partners (yes, the phone on your desk still works!)
- Be cautious of mimicked e-mail addresses
- Practice multi-level authentication
Hackers are getting more sophisticated and will continue to attack as long as they can get make a profit. Employees can help protect their companies by increasing vigilance, using their gut instincts, keeping antennae up, and picking up the phone and not being afraid to ask questions of the highest executives.