Business Email Compromise *** IMPORTANT SECURITY NOTICE ***

EasyIT has recently seen persistent and increasingly common phishing campaigns involving fake wire transfer request emails. The FBI reported an alert last month that “Between October 2013 and August 2015, over 7,000 US businesses were victimized by the so-called Business Email Compromise (BEC) scam and reported a staggering $748 million in…
Schedule a Consultation

EasyIT has recently seen persistent and increasingly common phishing campaigns involving fake wire transfer request emails.

The FBI reported an alert last month that “Between October 2013 and August 2015, over 7,000 US businesses were victimized by the so-called Business Email Compromise (BEC) scam and reported a staggering $748 million in actual and attempted losses.” 

This BEC scam re-surfaced, but this time, we are seeing more sophisticated attacks.

FBI Warning: //www.ic3.gov/media/2015/150122.aspx

Business Email Compromise usually starts when thieves either phish an executive and gain access to their inbox, or when a corporation’s accounting or finance department receives an urgent or highly confidential email from someone pretending to be the CEO or CFO, and it directs the immediate payment without further authorization.

An Example of a BEC Email:

“I need you to do a wire of 48,500 USD to the attached account. I’m unavailable to talk on the phone but the funds need to go out immediately. Please let me know as soon as the transfer is completed and send me a transfer confirmation in reply.”

An alarming fact is that hackers know what individual to target to complete the bank transfer.  They are able to closely emulate a very similar email to the CEO’s email and may even be able to know when the CEO is not available to verify the request.

Requests for expedited payment and confidentiality should be red flags, and they should generate a call for confirmation. While it’s true that some disbursements do require a fast response and some level of discretion, it is highly unlikely to require such speed with no additional authorization.

A notice from the FS-ISAC states, “The key to reducing the risk from BEC is to understand the criminals’ techniques and deploy effective payment risk mitigation processes. There are various methods to reduce the risk of falling victim to this scam and subsequently executing a fraudulent wire transfer.”

We advise taking time to educate staff to this threat, ensure protocols for wire transfers are adhered to, and report any incidents.  Additionally, using digital certificates in email will verify authenticity of the sender and thwart such hacking attempts.

If you would like to learn more about mitigating your BEC risk, contact EasyIT today.

Schedule Your Business Technology Review With EasyIT

Schedule Your Initial Consultation With The EasyIT Team.

Fill in your information below to get started today.

Concerned About The Ongoing Ransomware Threats Targeting Columbus Business

Get your free ransomware readiness checklist from EasyIT

Download Now

Latest Blog Posts

How To Mirror Your iPhone Screen
How To Mirror Your iPhone Screen
Read More
How To Password Protect A Word Document
How To Password Protect A Word Document
Read More
Windows Keyboard Shortcuts That Are No April Fools Joke
Windows Keyboard Shortcuts That Are No April Fools Joke
Read More
Read EasyIT Tech Blog
How Much Should Your Organization Pay For IT Support Services in Columbus?

How Much Should Your Organization Pay For IT Support Services in Columbus?

Many of our competitors will never reveal how much you should pay to outsource your IT support?

Not with EasyIT.

Download Your Free Complimentary Managed IT Services Pricing Guide.


25 years in the it business
Support 7,500+ users
Completed 1.8 million service tickets
50 dedicated team members
Support 8,000+ endpoints
Protect
Stabilize
Standardize
Improve
pa