BEC once again with the renegade master
We’ve talked about this stuff on a number of occasions before, but it seems that a refresher might be the order of the day.
Business Email Compromise (BEC) schemes are the scams where the nasty bad people send emails to staff, usually accounts/bills payable staff, purporting to be from the CEO/Chairman/Grand Fromage, requesting payment to be made to a third party which although it sounds credible, is in fact, you guessed it, the villains themselves. Mwahahaha.
What is becoming increasingly clever in these attacks is the huge amount of groundwork (reconnaissance), followed by sophisticated social engineering to get these scams over the line.
The situation has reached such a point that the FBI, no less, felt it necessary to issue an alert on the subject this week. You can find it here.
The jaw-dropping statistic in this announcement is that from January 2015, there has been a massive 1,300% increase in these scams worldwide, and: ‘Reports indicate that fraudulent transfers have been sent to 79 countries with the majority going to Asian banks located within China and Hong Kong’. The exposed dollar loss is estimated at: $3,086,250,090. WOW, 3 Beeelion dollars!
The FBI announcement details a number of scam scenarios and also what you can do if you become a victim. We very much recommend that you take a good look at it and see if you can adopt the best practices recommended within your business.
Our perspective is that no amount of process or procedure will compensate for quality, regular training and reinforcement for all staff, tailored to their role. It is imperative that you educate your accounts staff to be very aware of this growing threat! ITC can of course help you to build and execute a suitable security-training plan.
In other news, and this will come as no surprise to regular readers, is this week’s Adobe patch which fixes no fewer than 36 vulnerabilities, all with their own lovely CVE number. If you can’t do without Adobe, you know the drill people, make sure it is up to date before judgement day comes early.
You can read all about the latest Adobe debacle here, if you really want; but there really is no need unless you want to ruin your weekend. Just make sure you are up to date.
If you would like to know any more about the issues discussed in this blog, or would just like a chat with one of our soothing professionals, please contact us on: [email protected] or 020 7517 3900.