Business email compromise attacks on the rise: FinCEN

According to a recent report from the U.S. Financial Crimes Enforcement Network (FinCEN), there has been a spike in attacks on manufacturing and construction entities. The main method of attack is business email compromise (BEC), which has proven incredibly effective. Business email compromise attacks can be summarized as social engineering attacks that specifically target, according to FinCEN, “organizations that conduct large wire transfers in the course of their usual business and rely on email for much of their communication regarding the wires.”

The data that FinCEN was able to gather showed the numerous important statistics on the link between business email compromise and the industries mentioned. In the years of 2017 and 2018, the industries of manufacturing and construction accounted for roughly 20 percent to 25 percent of all business email compromise attacks. The aftermath of this is major financial damage, with a large chunk of the record numbers 2018 saw ($301 million) being localized to manufacturing and construction. As an aside, the other industries affected were largely focused around commercial entities like shopping centers and hotels.

Another interesting takeaway from the FinCEN report is the evolution of methods used when engaging in business email compromise. The BEC report states the following on this particular issue:

BEC scam methods have evolved over time. For example, impersonating a CEO or other high-ranking business officer accounted for 33 percent of sampled incidents in 2017, declining to 12 percent in 2018, while impersonation of an outside entity was 20 percent of 2018 reports, from an unmeasured amount in 2017. Using fraudulent vendor or client invoices grew, from 30 percent of sampled 2017 incidents, to 39 percent in 2018.

As FinCEN notes toward the end of its BEC report, they are actively pursuing solutions that result in punishment of the perpetrators involved in these acts. They specifically mention their rapid response program (RRP) is intended to leverage “relationships with government, financial institution, and law enforcement partners to interdict cybercrime-enabled wire fraud proceeds nationally and globally to return the funds to victims.”

Featured image: Flickr / Jianfa Ben Tsai

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Share
Published by
Derek Kortepeter

Recent Posts

Monitoring Azure Windows Virtual Desktop using PowerShell

Monitoring Azure Windows Virtual Desktop, especially keeping an eye on the health of session hosts…

11 hours ago

Moving your SQL database to Azure SQL: Using the import method

Migrating SQL data to Microsoft Azure takes planning because there are several ways to do…

14 hours ago

Gateways and routers: A head-to-head comparison

Gateways and routers perform different functions, so both are necessary for a network. Let’s look…

17 hours ago

The new brain drain: What if WFH tech employees don’t come back?

Offices are reopening, but after months of a work-from-home routine, many employees may not want…

1 day ago

Amazon Fraud Detector generally available

Online payment frauds are a threat to any company doing business on the Web. Amazon…

2 days ago

Identity and access management sector buzzes with new funding, partnerships, solutions

Because no organization wants to end up in the headlines for a data breach, there…

2 days ago