Business email compromise attacks on the rise: FinCEN

According to a recent report from the U.S. Financial Crimes Enforcement Network (FinCEN), there has been a spike in attacks on manufacturing and construction entities. The main method of attack is business email compromise (BEC), which has proven incredibly effective. Business email compromise attacks can be summarized as social engineering attacks that specifically target, according to FinCEN, “organizations that conduct large wire transfers in the course of their usual business and rely on email for much of their communication regarding the wires.”

The data that FinCEN was able to gather showed the numerous important statistics on the link between business email compromise and the industries mentioned. In the years of 2017 and 2018, the industries of manufacturing and construction accounted for roughly 20 percent to 25 percent of all business email compromise attacks. The aftermath of this is major financial damage, with a large chunk of the record numbers 2018 saw ($301 million) being localized to manufacturing and construction. As an aside, the other industries affected were largely focused around commercial entities like shopping centers and hotels.

Another interesting takeaway from the FinCEN report is the evolution of methods used when engaging in business email compromise. The BEC report states the following on this particular issue:

BEC scam methods have evolved over time. For example, impersonating a CEO or other high-ranking business officer accounted for 33 percent of sampled incidents in 2017, declining to 12 percent in 2018, while impersonation of an outside entity was 20 percent of 2018 reports, from an unmeasured amount in 2017. Using fraudulent vendor or client invoices grew, from 30 percent of sampled 2017 incidents, to 39 percent in 2018.

As FinCEN notes toward the end of its BEC report, they are actively pursuing solutions that result in punishment of the perpetrators involved in these acts. They specifically mention their rapid response program (RRP) is intended to leverage “relationships with government, financial institution, and law enforcement partners to interdict cybercrime-enabled wire fraud proceeds nationally and globally to return the funds to victims.”

Featured image: Flickr / Jianfa Ben Tsai

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Published by
Derek Kortepeter

Recent Posts

Software-defined perimeter solutions: Why this is the future of security

Traditional VPNs are showing their age in the modern cloud-powered workplace. That’s why software-defined perimeter solutions are in your future.

9 hours ago

Why you need to check your virtualization host’s NUMA configuration

Should you disallow NUMA spanning in your Hyper-V architecture? There are two sides to this story, and you’ll get both…

13 hours ago

Getting started with Visual Studio Code and integrating with Azure DevOps

Coding may not be the No. 1 job duty for cloud admins, but it is often a part of the…

16 hours ago

Apple Event 2019: New iPad, Apple Watch, and more

Apple Event 2019 was more than just about iPhones. The tech giant also rolled out new iPads, an upgraded Apple…

1 day ago

Migrating and configuring Hyper-V passthrough disks

Believe it or not, Hyper-V virtual machines can be configured to use a dedicated physical hard disk, which is referred…

2 days ago

Cut costs and kick back: Use Azure automation accounts for VM utilization

Using Azure automation accounts to start and stop your VMs may just save you enough time to kick back, relax,…

2 days ago