July 5, 2024 Prepare for business email compromise attacks.
Welcome to Cyber Security Today. It’s Friday July 5th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for TechNewsday.com.
It’s the Independence Day weekend in the U.S. Thanks for tuning in on the holiday.
Ransomware gets headlines, but business email compromise scams — where employees are tricked into sending money to bank accounts controlled by crooks are still popular among crooks.
According to a recent report by Arctic Wolf, 70 per cent of organizations surveyed said they’d been targeted by an attempted business email compromise in the past 12 months. One quarter of the incidents Arctic Wolf was hired to work on in the first three months of this year were business email compromise attacks.
At the heart of these scams crooks impersonate executives, lawyers or partners in phishing emails. A common trick is a message supposedly from a partner saying their firm has changed banks and regular payments should go to a new account.
One incident I recall a few years ago involved an American toy maker whose chief financial officer got an email supposedly from the CEO saying a new Chinese manufacturing partner had been signed. To seal the deal $2 million had to be sent to a bank in China. The company had business process controls for such sudden transactions: The transaction needed the approval of the CEO and the CFO. In this case the CFO trusted the email from the supposed CEO and went ahead. Fortunately it was a bank holiday weekend in China and U.S. authorities had time to warn their Chinese counterparts.
Scams like this usually start with a crook hacking an employee’s email account to learn about the organization’s partners and upcoming deals. Then they craft the email request.
How do you defend against these attacks? First with regular employee security awareness training. And second, by having robust identity management tools. These include phishing-resistant multifactor authentication for logins.
That’s it for now. But later tonight the Week in Review podcast will be available for weekend listening. My guest will be Imran Ahmad, co-head of a Canadian law firm’s cybersecurity and data privacy practice, who will talk about how to be prepared for cyber attacks.
Follow Cyber Security Today on Apple Podcasts, Spotify or add us to your Flash Briefing on your smart speaker.
