Researchers at Agari have released a report on the global distribution of business email compromise (BEC) actors, and determined that 25% of these criminals are operating from within the United States. This makes the US the second-largest hub for BEC actors in the world. Criminals in Nigeria still account for the vast majority of BEC attacks, at 50% of the global total. South Africa was third, with criminals there responsible for 9% of these attacks. Agari’s researchers based their findings on incidents in which the attackers failed to anonymize their real-world locations.
“A quarter of the BEC actors we identified globally were located in the US, operating in 45 states and the District of Columbia,” Agari says. “Nearly half these scammers were located in five states: California, Georgia, Florida, Texas, and New York. Many of the BEC actors in our dataset were clustered around a handful of US cities. The largest of these were based in and around Atlanta, GA, with 7% of all US-based BEC actors operating in this metropolitan area.”
The US government isn’t letting these actors operate unperturbed—the Justice Department has arrested dozens of people allegedly involved in these schemes. Still, the number of BEC attacks originating in the US is notable, considering that Europe only accounts for 6%, the Middle East for 4%, and the Asia-Pacific for 2%.
“It’s well-known that organizations within the United States are preferred targets for BEC actors. Some groups our team has researched, such as Exaggerated Lion, have exclusively targeted US-based businesses, for instance. But it may be surprising to some that a quarter of all BEC actors operate from within the US.”
Agari adds that BEC activity is on the rise in other countries as well.
“Because of the impact of BEC attacks globally, law enforcement in Nigeria has become more aggressive in recent years, which has caused BEC actors to migrate to other countries,” the researchers write. “Additionally, the significant return on investment from BEC scams has led far more sophisticated Eastern European cybercrime groups, like Cosmic Lynx, to get into the game. This only increases the geographic distribution of BEC attack sources.”
BEC attacks are extremely profitable, so criminals put a great deal of effort into refining their tactics. New-school security awareness training can help your employees thwart targeted social engineering attacks.
Agari has the story.