Fake emails: The trick that costs businesses billions


The email came in like any other, from the company's CEO to his chief financial officer.

"Hello, the deal is done. Please link $8 million to this account to complete the acquisition ASAP. Must be done before the end of the day. Thank you."

The employee thought nothing of it, sent the funds over and ticked it off the list of jobs before heading home.

But the alarm bells started ringing when the company being acquired called to ask why it had not received the money.

An investigation began – $8 million was certainly sent, but where to?

We will never know.

Some of the money was clawed back by the banks, but most of it was lost to hackers who may have cashed out using an elaborate money laundering network or simply moved on to the next victim.

Meanwhile, the CFO is left feeling awful, and the company is left scratching its head.

After all, the email apparently came from the boss's address and his account had not been hacked.

It was left to cybersecurity experts to break the bad news to the company: email is not to be trusted.

CEO Fraud

This is a true example of a cyber attack known as Business Email Compromise, or CEO Fraud.

The attacks are relatively low-tech and rely more on social engineering and trickery than traditional hacking.

Cyber criminals simply spoof the email address of a company executive and send a convincing request to an unsuspecting employee.

The message appears to have come from the boss – but it has been sent by an impostor.

There is usually a sense of urgency to the order, and the employee simply does as they are told – perhaps sending huge amounts of money to criminals by mistake.

These scams are increasing, and according to the US FBI, they have resulted in worldwide losses of at least $26 billion (£21 billion) since 2016.

Earlier this month, 281 suspected hackers were arrested in 10 different countries as part of a massive takedown operation against global cybercrime networks based on the scam.

Ryan Kalember, Executive Vice President for Cyber Security Strategy at Proofpoint, said: "Business Email Compromise (BEC) is the most expensive problem in all cybersecurity. It is not just another form of cybercrime."

Proofpoint was brought in to handle the CEO fraud incident described in this article.

Kalember and his team have seen the tactics evolve over the past year and have some interesting observations and warnings for potential victims.

Non-executive targets

The traditional targets for BEC attacks are the "C-suite" figures of larger corporations, such as CEOs or CFOs.

But recently, criminals have been going after lower-hanging fruit.

"The very afflicted people we see now are in fact rarely VIPs. Victims tend to have easily searchable emails or easily guessed shared addresses.

"VIPs usually tend to be less exposed, as organizations generally do a pretty good job of protecting VIP email addresses now," Kalember added.

The trend has also been noticed by cyber security company Cofense.

In some cases, employees' emails are forged, and the attacker asks human resources departments to send a victim's salary to a new bank account.

"A smaller but much broader reward system would be a deliberate attempt to fly under the radar to target financial processes which are likely to have weaker controls but still yield attractive returns," said Dave Mount of Cofense.

Monday Warning

Another method seen more regularly is fraudulent emails sent on Monday mornings.

According to Proofpoint, more than 30% of BEC emails are delivered on Mondays, when hackers try to take advantage of weekend backlogs.

They hope "social jet lag" will mean that employees are more easily fooled by fake emails and other social engineering tricks.

"Attackers know how people and offices work. They depend on people making mistakes and have a lot of experience with what works. This is not a technical vulnerability, it's about human error," Kalember said.

Fake Forward

Fake email threads are part of another technique that has evolved.

Attackers start the subject lines of their emails with "Re:" or "Fwd:" to make it look like their message is part of a previous conversation.

In some cases, they even include a fake email history to establish apparent legitimacy.

According to researchers, scams using this technique have increased by more than 50% year over year.
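A mail filter can test whether a "Re:" or "Fwd:" subject is backed by real thread headers. The sketch below is an added example, not from the article or from any vendor named in it; the `corp.example` addresses, the Message-IDs and the `thread_signal` and `build` helpers are constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default

# Subject prefixes claiming the message continues an earlier conversation.
THREAD_PREFIX = re.compile(r"^\s*(re|fwd?)\s*:", re.IGNORECASE)
MESSAGE_ID = re.compile(r"<[^<>\s]+>")

def thread_signal(raw_message, known_message_ids):
    """Classify how well a 'Re:'/'Fwd:' subject is backed by thread headers."""
    msg = message_from_string(raw_message, policy=default)
    if not THREAD_PREFIX.match(str(msg.get("Subject", ""))):
        return "no-prefix"
    # Mail clients record the parent Message-ID in these RFC 5322 headers.
    refs = f'{msg.get("In-Reply-To", "")} {msg.get("References", "")}'
    referenced = set(MESSAGE_ID.findall(refs))
    if not referenced:
        return "missing-thread-headers"   # prefix present, no parent named at all
    if referenced & set(known_message_ids):
        return "plausible-thread"         # parent really exists in this mailbox
    return "unknown-parent"               # parent ID never seen: possibly forged

# Constructed sample data: Message-IDs already stored in the recipient's mailbox.
KNOWN_IDS = {"<a1@corp.example>"}

def build(subject, extra=""):
    """Build a constructed test message (hypothetical addresses)."""
    return (f"From: CEO <ceo@corp.example>\nTo: cfo@corp.example\n"
            f"Subject: {subject}\n{extra}\nPlease send the payment today.\n")

SAMPLES = {
    "genuine": build("Re: Q3 budget", "In-Reply-To: <a1@corp.example>\n"),
    "bare": build("Re: Acquisition payment"),
    "forged": build("Fwd: Acquisition payment", "References: <zz9@other.example>\n"),
    "fresh": build("Acquisition payment"),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, "->", thread_signal(raw, KNOWN_IDS))
```

Some mail clients omit these headers on legitimate forwards, so the result is best used as one scoring signal that routes a payment request to manual verification rather than as a verdict on its own.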

Mr. Kalember says that all these trends follow a predictable pattern based on our own behavior.

"One of the reasons why this is a particularly difficult problem to stamp out is that it depends on the systemic risk that we all rely on email as a means of communication," he said.

Unfortunately for businesses and unwitting employees, BEC is unlikely to disappear.

E-mail forgery is technically very simple, and free-to-use online services offer a low barrier to entry.

But there are many things companies and employees can do – including being vigilant and aware of the attacks.

Companies could insist on so-called two-factor verification before sending a payment.

Of course, all of this depends on people taking a step back from what is often pursued in the workplace – speed and efficiency.

Action Fraud and the UK's National Fraud Intelligence Bureau (NFIB) operate a 24/7 hotline, 0300 123 2040, for businesses to report live cyber attacks.
