FBI says $43Bn losses are due to BEC fraud
By MYBRANDBOOK
The FBI released a public service announcement revealing that business email compromise (BEC) attacks caused domestic and international losses of more than $43 billion between June 2016 to December 2021, with a 65% increase in losses between July 2019 and December 2021.
BEC or email account compromise are an advanced scamming technique that targets both employees and business and the businesses they work for. The scam includes social engineering as a means to compromise a legitimate business or personal email account or to perform an unauthorized transfer of funds.
The scam is not yet always associated with a money transfer, as one variation of the fraud involves compromising legitimate business email accounts and requesting employees personally identifiable information, Wage and Tax Statement (W-2) forms or even cryptocurrency wallets.
The FBI’s Internet Crime Complaint Center (IC3) feedback of this scam reveals two different modus operandi. The direct transfer method mirrors the traditional pattern of BEC incidents from the past. A cybercriminal sends altered wire information to the victim, and social engineers him or her to send a payment to a cryptocurrency custodial account controlled by the bad actor.
The second method is called the second-hop transfer in which the fraudsters make use of other cybercrime victims. The bad actor sends altered wire instructions to a victim, so that he or she sends payment to a second victim whose PII is owned by the attacker. The funds are then moved to a cryptocurrency account controlled by the cybercriminal, who can then cash it out the way they want.
Following measures can be followed for protection against BEC frauds:
· Use secondary channels or multi-factor authentication to verify requests for changes in account information. Make100% sure that the change request comes from a legitimate person.
· Ensure that the email is legitimate. If there are attached files, use malware analysis sandboxes and products to be sure the file is not malicious. Once again, ask for a manual inspection by IT security staff.
· Do not send PII information via email, especially login credentials. Be aware that most requests for such information by email are fraud attempts, even if it seems to come from a legitimate trusted entity.
· Monitor all financial accounts of the company on a regular basis for irregularities, especially missing deposits.
· Have all the software and operating systems up to date. In some cases, BEC cybercriminals might attempt to infect computers with malware, generally stealers.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Icons Of India : Harsh Jain
Harsh Jain, the co-founder of Dream 11, the largest fantasy sports web...
Icons Of India : NATARAJAN CHANDRASEKARAN
Natarajan Chandrasekaran (Chandra) is the Chairman of Tata Sons, the h...
Icons Of India : Arjun Malhotra
Arjun Malhotra, the Chairman of Magic Software Inc., is widely recogni...
NSE - National Stock Exchange
NSE is the leading stock exchange in India....
NIC - National Informatics Centre
NIC serves as the primary IT solutions provider for the government of ...
C-DAC - Centre for Development of Advanced Computing
C-DAC is uniquely positioned in the field of advanced computing...
Indian Tech Talent Excelling The Tech World - Sundar Pichai, CEO- Alphabet Inc.
Sundar Pichai, the CEO of Google and its parent company Alphabet Inc.,...
Indian Tech Talent Excelling The Tech World - Aman Bhutani, CEO, GoDaddy
Aman Bhutani, the self-taught techie and CEO of GoDaddy, oversees a co...
Indian Tech Talent Excelling The Tech World - NEAL MOHAN, CEO - Youtube
Neal Mohan, the CEO of YouTube, has a bold vision for the platform’s...