Business email compromise attacks on the rise: FinCEN

According to a recent report from the U.S. Financial Crimes Enforcement Network (FinCEN), there has been a spike in attacks on manufacturing and construction entities. The main method of attack is business email compromise (BEC), which has proven incredibly effective. Business email compromise attacks can be summarized as social engineering attacks that specifically target, according to FinCEN, “organizations that conduct large wire transfers in the course of their usual business and rely on email for much of their communication regarding the wires.”

The data that FinCEN was able to gather showed the numerous important statistics on the link between business email compromise and the industries mentioned. In the years of 2017 and 2018, the industries of manufacturing and construction accounted for roughly 20 percent to 25 percent of all business email compromise attacks. The aftermath of this is major financial damage, with a large chunk of the record numbers 2018 saw ($301 million) being localized to manufacturing and construction. As an aside, the other industries affected were largely focused around commercial entities like shopping centers and hotels.

Another interesting takeaway from the FinCEN report is the evolution of methods used when engaging in business email compromise. The BEC report states the following on this particular issue:

BEC scam methods have evolved over time. For example, impersonating a CEO or other high-ranking business officer accounted for 33 percent of sampled incidents in 2017, declining to 12 percent in 2018, while impersonation of an outside entity was 20 percent of 2018 reports, from an unmeasured amount in 2017. Using fraudulent vendor or client invoices grew, from 30 percent of sampled 2017 incidents, to 39 percent in 2018.

As FinCEN notes toward the end of its BEC report, they are actively pursuing solutions that result in punishment of the perpetrators involved in these acts. They specifically mention their rapid response program (RRP) is intended to leverage “relationships with government, financial institution, and law enforcement partners to interdict cybercrime-enabled wire fraud proceeds nationally and globally to return the funds to victims.”

Featured image: Flickr / Jianfa Ben Tsai

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Published by
Derek Kortepeter

Recent Posts

User-friendly web design tools for a user-friendly website

If you want your business to succeed these days, you need a user-friendly website. Put these tools in your toolbox…

9 hours ago

New kids vs. old reliable: Can chat apps replace email?

Do businesses rely too heavily on email for communication? Yes! Is the answer to replace email with chat apps? No!…

14 hours ago

PowerShell function to standardize message box script outputs

If you got your start with Visual Basic, you remember msgbox. This PowerShell function will bring back memories and help…

17 hours ago

Microsoft Ignite 2019: Top announcements and product unveilings

Microsoft Ignite 2019 included a slew of updates on products and services. Among the announcements was Azure Arc, which may…

1 day ago

Who says configuration management can’t be fun?

Managing change in an enterprise isn’t easy and it’s usually no fun. Here’s a book on configuration management that will…

2 days ago

Choosing the right communication tools for your business

Choosing communication tools is like choosing a first progamming language. While you want easy, you also want cross-platform, security, and…

2 days ago