Business email scams have led to $2.3 billion losses via rogue wire transfers

The number of companies that wired money as a result of email scams has grown 270 percent since January 2015

Over the past two and a half years, cybercriminals have managed to steal over $2.3 billion from thousands of companies worldwide by using little more than carefully crafted scam emails.

Known as business email compromise (BEC), CEO fraud or whaling, this type of attack involves criminals impersonating an organization's chief executive officer, or some other high-ranking manager, and instructing employees via email to initiate rogue wire transfers.

According to an alert issued earlier this week by the FBI, between October 2013 and February 2016, 17,642 organizations from the U.S. and 79 other countries have fallen victim to BEC attacks. The combined losses amount to over $2.3 billion, the agency said.

The scams can take different forms. Instead of an executive, the fraudsters can pose as one of the organization's foreign business partners or suppliers seeking a payment. The attackers usually do a lot of research about the targeted companies in advance to determine which of their employees handle money transfers and who they should impersonate.

In the more advanced attacks, the hackers can compromise the real email account of a company's CEO by using phishing or malware. This allows them to send wire transfer requests from the actual email address that the recipient would expect to see. In other cases they use similar domain names or address spoofing techniques.

Sometimes, the attackers gain access to a company's network or email server weeks in advance and spend time reading the emails sent between employees to understand the organization's internal workflows before they act.

The amount of the rogue transfers can range between a few thousand dollars to a few million depending on the victim's organization's size and industry profile.

Last week, AP reported that back in 2015, a finance executive from toy maker Mattel wired $3 million to a bank in China after falling victim to such an email scam. The unnamed employee received an email that appeared to be from Mattel's newly appointed CEO requesting that a payment be made to a Chinese vendor.

Reports earlier this year claimed that Belgian bank Crelan lost €70 million and Austrian airplane parts manufacturer FACC Operations lost 50 million following similar attacks.

According to the FBI's statistics, since January 2015 there has been a 270 percent rise in the number of BEC victims and losses. The agency advises organizations to be wary of wire transfer requests received via email, especially of those that invoke urgency. Employees should seek confirmation over the phone from the company's senior managers, business partners or suppliers when such requests are received.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service
Show Comments

Father’s Day Gift Guide

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?