Scammers Go Phishing: Business Email Compromise on the Rise

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
Next Scammers Go Phishing: Business Email Compromise on the Rise-7 Next

Place a Fraud Alert

Place a fraud alert on your credit file.

Individuals who have been a victim of identity and tax fraud, as well as those preemptively worried about it, can contact one of the three major credit bureaus (TransUnion, Experian, Exquifax) and request that an initial fraud alert be placed on their credit file for free. This ensures that creditors must contact the individual and confirm permission with them before opening any new accounts. Requesting from just one bureau will also place the fraud alert on the individual's file with the other two bureaus. This alert lasts for 90 days and can be renewed.

Spammers are increasingly relying on high-targeted messages for financial gain, tricking businesses into either transferring funds or releasing sensitive information on employees. Since the beginning of the year, Cloudmark has seen a dramatic increase in text-only, email impersonation attacks known as Business Email Compromise (BEC).

The volume of BEC prompted the FBI to issue an alert on CEO spoofing spams cautioning businesses to be wary of e-mail only wire-transfer requests and requests involving urgency. According to Cloudmark's latest Quarterly Threat Report, losses from BEC wire-fraud attacks rose to an average of $104 million per month over the last 15 months.

Another BEC attack that gained traction this year is the W-2 scam, with more than 60 organizations falling prey to attacks targeting their employees' W-2s. Large and small companies in industries ranging from health care to higher education to technology to manufacturing have been fooled by attackers into leaking their employees' tax forms, with some attacks exposing the confidential information of tens of thousands of people.

How these attacks typically happen is that a member of the finance or human relations team will receive an email that appears to be from a high-ranking official, usually the CEO or CFO – with a straightforward request such as funds of W-2 data. However, they are really sending the funds or sensitive data to an outside official not connected with their organization. Due to the simplicity in executing these attacks, BEC spoofing attacks are one of the fastest growing forms of cyber fraud.

In this slideshow, Cloudmark has compiled tips for businesses and individuals on how to combat phishing attacks and prevent identity and tax fraud as financial losses.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.