$12 Billion in Email Scams


It doesn’t matter what industry you’re a part of, EVERYONE uses email. Even prolific business chat platforms like Slack, Yammer, Skype, HipChat, Hangouts, and the like haven’t been able to take email down. What does this mean for your organization?

It means you’re susceptible to Business Email Compromise (BEC).  What is BEC, you ask? Let our friends at the FBI fill us in:

“Business Email Compromise (BEC)/ Email Account Compromise (EAC) is a sophisticated scam targeting both businesses and individuals performing wire transfer payments. The scam is frequently carried out when a subject compromises legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.”

That’s right, BEC is a 12-billion-dollar scam and as long as email is here, so is BEC. Now let’s look at a small scenario:

You’re the finance manager at a small business. You get an email from one of your vendors saying you’re overdue on your payment, but you know you paid the bill last month. So why haven’t they received the payment?  You look back to the last emails you had with the vendor and it turns out you weren’t corresponding with the correct people.

How can you prevent this from happening in your organization?

Training – A lot of organizations lack the proper cybersecurity training needed to equip their users to defend against these types of scams.

Procedures – Simple procedures for wiring money that ensure more than one set of eyes are confirming transfers absolutely help reduce the effectiveness of a BEC.

Secure Messaging – A secure messaging system could be your best friend to make sure you are speaking to the proper party. Email systems are sophisticated and complicated to make secure, but configuring the security correctly significantly reduces a BEC.

Multifactor Authentication – Because the only person reading and sending your messages should be you!

BEC is not an overly sophisticated attack. But it is a real threat, and it should be taken extremely seriously. Learn more about how Clinic IT’s Defense in Depth approach helps keep you and your organization safe from financial loss.

Clinic ITComment