Trend Micro researchers reported that cybercriminals spoofed the CEO email address the most, with CFOs and finance directors being the top attack targets.
In their 2017 Midyear Security Roundup: The Cost of Compromise report, Trend Micro said cybercriminals continued to use schemes such as bogus invoices or supplier swindles, and employ keylogger malware or HTML pages in phishing emails to spoof employees.
Trend Micro revealed that CFOs were targeted the most by the 3,000-plus instances of CEO Fraud, followed by other employees charged with handling financially sensitive information.
The United States received the majority of attempted BEC attacks, with 30.96 percent, followed by Australia, with 27.4 percent. The United Kingdom was the target for 22.46 percent of BEC attacks, with Norway and Canada targeted substantially less, at 4.88 percent and 3.43 percent, respectively.
"Employee training on common BEC methods goes hand in hand with a holistic security solution in defending enterprises from a variety of BEC attacks," Trend Micro said. "From small businesses to large corporations, enterprises can become unwitting victims in the multibillion-dollar scam that is BEC."