Business email scams have led to $2.3 billion losses via rogue wire transfers

The number of companies that wired money as a result of email scams has grown 270 percent since January 2015

Over the past two and a half years, cybercriminals have managed to steal over $2.3 billion from thousands of companies worldwide by using little more than carefully crafted scam emails.

Known as business email compromise (BEC), CEO fraud or whaling, this type of attack involves criminals impersonating an organization's chief executive officer, or some other high-ranking manager, and instructing employees via email to initiate rogue wire transfers.

According to an alert issued earlier this week by the FBI, between October 2013 and February 2016, 17,642 organizations from the U.S. and 79 other countries have fallen victim to BEC attacks. The combined losses amount to over $2.3 billion, the agency said.

The scams can take different forms. Instead of an executive, the fraudsters can pose as one of the organization's foreign business partners or suppliers seeking a payment. The attackers usually do a lot of research about the targeted companies in advance to determine which of their employees handle money transfers and who they should impersonate.

In the more advanced attacks, the hackers can compromise the real email account of a company's CEO by using phishing or malware. This allows them to send wire transfer requests from the actual email address that the recipient would expect to see. In other cases they use similar domain names or address spoofing techniques.

Sometimes, the attackers gain access to a company's network or email server weeks in advance and spend time reading the emails sent between employees to understand the organization's internal workflows before they act.

The amount of the rogue transfers can range between a few thousand dollars to a few million depending on the victim's organization's size and industry profile.

Last week, AP reported that back in 2015, a finance executive from toy maker Mattel wired $3 million to a bank in China after falling victim to such an email scam. The unnamed employee received an email that appeared to be from Mattel's newly appointed CEO requesting that a payment be made to a Chinese vendor.

Reports earlier this year claimed that Belgian bank Crelan lost €70 million and Austrian airplane parts manufacturer FACC Operations lost 50 million following similar attacks.

According to the FBI's statistics, since January 2015 there has been a 270 percent rise in the number of BEC victims and losses. The agency advises organizations to be wary of wire transfer requests received via email, especially of those that invoke urgency. Employees should seek confirmation over the phone from the company's senior managers, business partners or suppliers when such requests are received.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Lucian Constantin

Lucian Constantin

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?