Lloyds Bank says that Business Email Compromise (BEC)—also known as CEO Fraud—rose by 58% in the UK over the past year. While BEC is often associated by the media with large firms, Lloyds’ results show the contrary: about half-a-million small and medium enterprises were victims. These smaller organizations lost an average of £27,000 each time they were hit with an impersonation scam.
The organizations most affected were, in order, law firms, human resources departments, IT workers, and financial firms. Lloyds thinks the actual rate of attack may be higher than what they reported. Their study is of course based on the self-reporting of victims, and Lloyds believes that as many as one in twenty victims conceals their mistake to avoid embarrassment in front of colleagues.
The scammers almost half the time represent themselves as the CEO or the equivalent of the organization, but that impersonation has been overtaken by fraudsters pretending to be suppliers. Some 52% of the scams represented themselves as requests from vendors.
We've mentioned before that small and medium businesses are attractive targets for fraud. This survey, while confined to British organizations, is consistent with what other recent studies by Barracuda, Proofpoint, and the FBI have found elsewhere.
It’s also more evidence that there’s no safety in hiding in plain sight. No organization is too small to be worth some criminal’s time and attention. None is too big for some criminal to take on. And no organization is too small or too large to benefit from tailored, interactive security awareness training.
Infosecurity Magazine has the story: https://www.infosecurity-magazine.com/news/bec-fraud-hits-500k-uk-smes/
CEO Fraud Prevention Manual Download
CEO fraud has ruined the careers of many executives and loyal employees. Don’t be next victim. This brand-new manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.
PS: Don't like to click on redirected buttons? Copy and paste this link in your browser: