Email Compromises Surge Between 2016 and 2018
On July 16, 2019, the Financial Crimes Enforcement Network (FinCEN), a U.S. Department of Treasury agency, issued an advisory about business email compromise (BEC) fraud. While FinCEN’s mission involves monitoring and safeguarding the U.S. financial system, FinCen also identifies criminal trends affecting all industries, such as the surge of BEC schemes.
BEC scams involve malware, phishing emails, and other techniques targeting accounts of financial institutions and customers of financial institutions, including commercial, educational, non-profit, and government institutions. BEC schemes often involve compromised legitimate email accounts being used to trick employees, vendors, or business partners.
FinCEN noted a significant increase in suspicious activity reports from banks. In 2016, there were an average of five hundred monthly suspicious activity reports related to business email compromises. By 2018, the average monthly suspicious activity reports increased to eleven hundred. Similarly, in 2016, business email compromises involved transactions averaging $110 million per month. In 2018, the transactions averaged $301 million, an approximately 173% increase, in a mere two years.
FinCen reports that criminals are continuously refining their techniques to leverage information regarding the target’s processes. Industries with substantial public information about business processes, vendors, and transactions are attractive targets for BEC schemes, according to FinCEN. The FBI advised that frequent tools include spoofing emails with slight variations of legitimate addresses, malware, and spear-phishing emails that are believed to be from trusted senders. FBI Special Agent Martin Licciardo recommended that users and businesses verify the authenticity of requests and the requesting party. The FBI further recommended:
- Creating rules to flag emails with extensions similar to the company email (i.e., slight email variations would be flagged).
- Creating rules to flag emails where the “reply” email address differs from the “from” email address.
- Having a process to verify vendor payment changes, including phone verification.
To reduce the chance of BEC fraud, FinCEN recommends that businesses evaluate their business processes, including authentication of participants in communication and transaction authorization. As cybersecurity threats like BEC schemes continue to grow, businesses must be proactive in training their employees, implementing system wide rules, performing practical application drills, and having processes in place to address cybersecurity threats.
The attorneys at CCLB represent businesses across a wide variety of industries in connection with cybersecurity matters. If you have any questions related to cybersecurity or need assistance on such a matter, please call us at (404) 262-6505.