Business email compromise (BEC), considered one of the costliest attack types, is seeing a massive uptick, requiring organizations to put employees on notice to stay vigilant.
The latest research from the FBI puts the average cost of BEC attacks at around $125,000. What makes them so dangerous is that they largely rely on text-only emails using social engineering to trick those with finance responsibilities into parting with the money they control.
New data from Abnormal Security shows that the healthcare industry has it pretty bad right now. Overall, they are seeing about 55 attacks per 1,000 mailboxes – a 167% increase in advanced email attacks this year. But more concerning is the growth in text-only BEC attacks. In this calendar year alone, the number of attacks per 1,000 mailboxes has jumped by 279%.
This still only represents about 1 attack per 1,000 mailboxes a day. But keep in mind that there are a handful of individuals with access to a company’s financial resources to target, and if just one of those attacks succeeds, the organization becomes another statistic for the FBI’s report next year.
Because BEC attacks rely heavily on social engineering, the best line of defense is the recipient user. Users who continually undergo security awareness training understand how to spot a BEC attack, remain vigilant, and are less likely to fall for these types of scams, regardless of how “official” they may look.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.