Business Email Compromise (BEC): What It Is and How to Mitigate It

November 22, 2024 6:00 AM | Anonymous member (Administrator)

Business Email Compromise (BEC) is one of the most financially devastating types of cybercrime, targeting businesses and individuals through social engineering, phishing, and other deceptive tactics. According to the FBI’s Internet Crime Complaint Center (IC3), BEC attacks result in billions of dollars in losses annually, impacting organizations of all sizes.

This blog explores what BEC is, real-world case examples, and strategies to mitigate its risks.

What is Business Email Compromise?

BEC is a sophisticated scam where fraudsters gain unauthorized access to business email accounts or impersonate trusted contacts to manipulate victims into transferring money, sensitive data, or other valuable assets.

Common BEC Scenarios:

1. Fake Invoice Scheme: Fraudsters impersonate vendors and send fake invoices requesting payment to fraudulent accounts.

2. CEO Fraud: Attackers pose as executives, often via email, and request urgent payments or sensitive information.

3. Account Takeover: Hackers gain access to legitimate email accounts and use them to send fraudulent messages to employees or partners.

4. Payroll Diversion: Fraudsters use compromised emails to redirect employees’ direct deposits to their accounts.

Key Characteristics of BEC Attacks:

Typically rely on social engineering rather than malware.

Emails are often highly targeted, well-researched, and personalized.

Requests are designed to create urgency, limiting scrutiny.

Real-World Case Examples of BEC

1. Ubiquiti Networks Case (2015):

Ubiquiti Networks fell victim to a BEC scam, losing $46.7 million after attackers impersonated company executives and requested wire transfers to fraudulent accounts.

Learn more: Ubiquiti Networks BEC Case

2. Toyota Boshoku Corporation Case (2019):

This Japanese subsidiary of Toyota was defrauded of $37 million through a BEC attack involving fake payment requests.

Learn more: Toyota Boshoku BEC Case

3. Crelan Bank Case (2016):

Belgian bank Crelan reported losses of €70 million following a BEC attack targeting its internal financial operations.

Learn more: Crelan Bank BEC Case

How to Mitigate the Risk of BEC

BEC attacks can be devastating, but organizations can take proactive steps to mitigate their risks.

1. Strengthen Email Security

Enable Multi-Factor Authentication (MFA): MFA reduces the risk of account compromise by requiring additional verification.

Use Email Filters: Deploy advanced email filtering tools to detect and block phishing attempts.

2. Educate Employees

Train Staff on BEC Tactics: Employees should recognize red flags, such as unexpected requests for payments or sensitive information.

Phishing Simulations: Regularly conduct phishing simulations to assess and improve employee awareness.

3. Verify Requests Independently

Use Secondary Verification Channels: Verify any financial or sensitive requests through a separate communication method, such as a phone call.

Implement Dual Controls: Require multiple approvals for large or unusual transactions.

4. Monitor and Detect Anomalies

Set Up Alerts: Monitor email accounts for unusual login attempts, forwarding rules, or changes to account settings.

Conduct Regular Audits: Review financial and communication records for inconsistencies.
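Two of the account-takeover signals named above, a newly created rule that forwards mail outside the company and a sign-in from a country the user has never used, can be checked automatically against mailbox audit logs. The following is an added example, not code from the original post: the log records are constructed for illustration, the company domain is assumed, and real audit logs from a mail provider will use their own field names.

```python
# Added example (not from the original post): a minimal detector for two BEC
# account-takeover signals: inbox rules forwarding mail to an outside domain,
# and sign-ins from a country the user has not used before in the log.
# The events below are constructed; real mailbox audit logs differ in format.
from collections import defaultdict

INTERNAL_DOMAIN = "example.com"  # assumed company domain

# Constructed sample events: (user, event type, detail)
SAMPLE_EVENTS = [
    ("alice@example.com", "login", "US"),
    ("alice@example.com", "login", "US"),
    ("alice@example.com", "login", "NG"),  # first sign-in from a new country
    ("alice@example.com", "new_forward_rule", "mailbox@attacker-mail.invalid"),
    ("bob@example.com", "new_forward_rule", "assistant@example.com"),  # internal
    ("bob@example.com", "login", "US"),
]


def external_forwarding_alerts(events):
    """Flag inbox rules that forward mail to any domain other than the company's."""
    alerts = []
    for user, kind, detail in events:
        if kind != "new_forward_rule":
            continue
        target_domain = detail.rsplit("@", 1)[-1].lower()
        if target_domain != INTERNAL_DOMAIN:
            alerts.append((user, "external forwarding rule", detail))
    return alerts


def new_location_alerts(events):
    """Flag a sign-in from a country the user has not signed in from earlier."""
    seen = defaultdict(set)  # per-user baseline built from earlier log entries
    alerts = []
    for user, kind, detail in events:
        if kind != "login":
            continue
        if seen[user] and detail not in seen[user]:
            alerts.append((user, "sign-in from new country", detail))
        seen[user].add(detail)
    return alerts


def run_checks(events=SAMPLE_EVENTS):
    """Return all alerts raised by both checks, in check order."""
    return external_forwarding_alerts(events) + new_location_alerts(events)


if __name__ == "__main__":
    for alert in run_checks():
        print(alert)
```

A user's first sign-in is never flagged because no baseline exists yet; in production the baseline would be built from historical logs rather than from the same batch being checked.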

5. Develop Incident Response Plans

Establish Clear Protocols: Define steps to follow when a BEC attack is suspected or identified.

Report Incidents Promptly: Contact law enforcement and file a complaint with the FBI’s IC3.

What to Do If You Suspect a BEC Attack

1. Stop the Transaction: Contact your bank immediately to halt any payments made as part of a fraudulent request.

2. Preserve Evidence: Retain all emails, logs, and records related to the attack for investigation purposes.

3. Notify Authorities: Report the incident to the FBI’s IC3 (ic3.gov) or your local law enforcement agency.

4. Conduct a Post-Incident Review: Analyze the attack to identify vulnerabilities and strengthen defenses.

Final Thoughts

Business Email Compromise is a growing threat that requires a combination of vigilance, education, and robust security measures to combat. Organizations must remain proactive in their efforts to safeguard against these highly targeted attacks.

At the ACFE Pacific Northwest Chapter, we are committed to equipping businesses and professionals with the tools and knowledge to detect and prevent fraud, including BEC. If you’d like to learn more about BEC mitigation strategies or connect with Certified Fraud Examiners, reach out to us today!

For more resources on fraud prevention and real-world case studies, visit our blog and follow us on LinkedIn.

#FraudPrevention #BusinessEmailCompromise #BEC #CyberSecurity #ACFEPNW