Rimkus Consulting Group, Inc

Preparing For New Business Email Compromise Attacks

 Monday, March 13, 2023

 Risk Management Magazine

Business email compromise (BEC), also known as ‘CEO fraud,’ is one of the most expensive forms of cyberattack, yet companies continue to overlook it as a significant and active threat to their bottom lines.

Traditionally, BEC is defined as a sophisticated form of phishing that involves the criminal taking over the email account of a high-ranking executive and using it to conduct social engineering attacks on other employees. The ultimate goal is to steal money, often through fraudulent wire transfers.

While ransomware receives the lion’s share of attention, BEC-related theft can be just as expensive as a ransomware demand, if not more so.

According to IBM’s Cost of a Data Breach Report 2022, ‘BEC and phishing attacks led to the highest average breach costs--about $4.9 million per incident.’ The FBI reports that BEC scams have cost businesses over $43 billion globally since 2016, making it one of the most costly forms of attack used by cybercriminals.

Recently, a growing number of BEC-style attacks have been moving to communication platforms other than email, such as SMS, messaging apps, social media and collaboration platforms like Slack. Some hackers are even combining deepfakes with BEC tactics on video conferencing platforms.