Spammers are increasingly relying on high-targeted messages for financial gain, tricking businesses into either transferring funds or releasing sensitive information on employees. Since the beginning of the year, Cloudmark has seen a dramatic increase in text-only, email impersonation attacks known as Business Email Compromise (BEC).
The volume of BEC prompted the FBI to issue an alert on CEO spoofing spams cautioning businesses to be wary of e-mail only wire-transfer requests and requests involving urgency. According to Cloudmark's latest Quarterly Threat Report, losses from BEC wire-fraud attacks rose to an average of $104 million per month over the last 15 months.
Another BEC attack that gained traction this year is the W-2 scam, with more than 60 organizations falling prey to attacks targeting their employees' W-2s. Large and small companies in industries ranging from health care to higher education to technology to manufacturing have been fooled by attackers into leaking their employees' tax forms, with some attacks exposing the confidential information of tens of thousands of people.
How these attacks typically happen is that a member of the finance or human relations team will receive an email that appears to be from a high-ranking official, usually the CEO or CFO – with a straightforward request such as funds of W-2 data. However, they are really sending the funds or sensitive data to an outside official not connected with their organization. Due to the simplicity in executing these attacks, BEC spoofing attacks are one of the fastest growing forms of cyber fraud.
In this slideshow, Cloudmark has compiled tips for businesses and individuals on how to combat phishing attacks and prevent identity and tax fraud as financial losses.
Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ... More >>
Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ... More >>
Examine some of the concerns involving shadow IT security and some of the riskiest behaviors, applications and devices. ... More >>