KnowBe4 Security Awareness Training Blog

BEC Scammers Stole $170,000 From Two Defense Contractors and a University

Written by Stu Sjouwerman | Mar 20, 2019 12:36:33 PM

Two defense contractors and a university lost approximately $170,000 from business email compromise (BEC) scams last year, according to an FBI advisory obtained by CyberScoop. The scammers impersonated employees at the organizations by spoofing email addresses, and then used fraudulent lines of credit to rack up expensive purchases.

In one instance, a scammer impersonated a university employee and ordered 150 electronic measurement instruments from a US defense contractor, stealing a total of $80,000. Two similar incidents resulted in defense contractors losing $90,000. Alexander Heid, chief security officer at SecurityScorecard, told CyberScoop that business email compromise scams are growing increasingly popular due the high payoff for attackers.

“Business impersonation fraud is trending because it works,” said Heid. “With 1,000 target enterprises, if only 1 percent fall for the scam, that is still ten places wiring over large sums of money – and that adds up very fast. The incentive is there, the technology is there, the risk is low compared to traditional forms of crime, and now we are seeing the aftermath in the form of victim stories and law enforcement warnings after years of observed activity.”

The FBI said these scams could have been prevented if the suppliers had taken steps to confirm that the purchases were legitimate. In many cases, simply calling the other party over the phone can expose a fraudulent email exchange. New-school security awareness training can teach your employees to be suspicious of all transaction requests until they’re absolutely certain of their legitimacy.

CyberScoop has the story: https://www.cyberscoop.com/email-scammers-stole-150k-defense-contractors-university-fbi-says/

 Get Your CEO Fraud Prevention Manual

CEO fraud (aka business email compromise) has ruined the careers of many executives and loyal employees. Don’t be next victim. This manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.

PS: Don't like to click on redirected buttons? Copy and paste this link in your browser:

https://info.knowbe4.com/ceo-fraud-prevention-manual