Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Spike in Business Email Compromise

    CEO Fraud ChecklistBusiness email compromise attacks (BEC) have spiked by 80% over the past quarter, according to a report by Mimecast. The security provider revealed that over the past three months it had blocked over 41,000 BEC attempts that went undetected by other vendors.

    Additionally, Trend Micro released a report showing that BEC attacks doubled in the second half of 2017 compared to the first half of the year.

    Business email compromise takes place when employees of an organization are manipulated into transferring large sums of money from the organization to an attacker posing as the CEO or CFO. The attack usually starts with a successful spear-phishing email that grants an attacker access to the organization. Once inside, the attacker can spend months observing the internal operations and communications of the organization. After becoming familiar with the organization’s schedule and employees, the attacker spoofs an email from the CEO to one of the employees asking them to wire money to the attacker’s account.

    The FBI stated that BEC has caused the loss of over $12 billion between October 2013 and May 2018.

    The best way to defend against BEC attacks, according to the FBI, is to use face-to-face or voice-to-voice communication. Additionally, requiring multi-factor authentication for payments can add a layer of security, particularly if one of the authentication methods is confirmation by phone call. Finally, increasing employee awareness of email security can prevent an attacker from gaining access to the organization in the first place. Sound policies, and employees trained to follow them, can help block BEC before it starts.

    Infosecurity Magazine has the story: https://www.infosecurity-magazine.com/news/bec-detections-soar-80/

    CEO-Fraud-Pages.jpg

    CEO Fraud Prevention Manual Download

    CEO fraud has ruined the careers of many executives and loyal employees. Don’t be next victim. This brand-new manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.

    Click Here To Download The Manual

    PS: Don't like to click on redirected buttons? Copy and paste this link in your browser:

    https://info.knowbe4.com/ceo-fraud-prevention-manual

    Source (and more at): DARKReading

     

    Return To KnowBe4 Security Blog

    Topics: Spear Phishing

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews