Business Email Compromise
The silent pandemic of cybercrime
Palo Alto Networks’ IT security experts have released the results of a recent investigation into BEC (Business Email Compromise) attacks. These shed new light on the severity of this silent pandemic of cybercrime, which includes phishing and referral fraud.
The FBI recently warned that BEC attacks caused $1.87 billion in damage last year, making them among the costliest forms of cybercrime.
Palo Alto Networks analysts combed through recent case files and found that the average wire transfer fraud attempt was $567,000, and the highest was as high as $six million. Victims, as a rule, do not go public so as not to damage their reputation. This means that BEC does not receive as much attention compared to other cyber threats such as ransomware and supply chain attacks.
Among the hundreds of BEC cases that Palo Alto Networks has researched since the beginning of last year, IT security experts found that 89 percent of victims did not enable multi-factor authentication (MFA) or did not follow best practices for implementing it.
Palo Alto Networks has published a new blog on the “Nightmare email hacks” with the corresponding content, which contains current data on the rise of fraud through compromised business email compromise (BEC). The text includes graphic information on actual cases, tips to prevent these attacks and some new data that illustrate the extent of this silent pandemic of cybercrime.
- The average attempted theft was $567,000 and the highest attempt was a whopping six million dollars, in hundreds of cases identified by Palo Alto Networks (and Unit42’s team) since early last year.
- In 89 percent of these cases, multi-factor authentication (MFA) was not enabled or implementation best practices were not followed.
- MFA deficiencies can be remedied by conducting assessments to identify deficiencies in security controls.