There is no better budget ammo for new-school security awareness training than this.
Attempts at cyber wire fraud, using spoofed email to impersonate a C-level executive or trusted business associates, surged in the last seven months of 2016, the U.S. FBI said in a May 4, 2017 warning.
Cyber criminals tried to steal 5.3 billion dollars through schemes what the FBI calls "business email compromise" -- also known as CEO Fraud -- in a new report at its Internet Crime Complaint Center.
The figure is up sharply from previous FBI reports which showed cyber scammers attempted to steal $3.1 billion from October 2013 through May 2016.
The Number Of Cases Doubled
The number of business-email compromise cases, in which cyber criminals request wire transfers in emails that look like they are from senior corporate executives or business suppliers who regularly request payments, almost doubled from May to December of last year, rising to 40,203 from 22,143, the FBI said.
The survey does not track how much money was actually lost to criminals, however, the FBI said that about one in four U.S. victims respond by wiring money to fraudsters. Victims have about 24 hours to try to claw back the money, but if it gets past that, the risk of losing everything is high.
Incidents Known To FBI Are Just 20% Of Total
Robert Holmes, a Proofpoint Inc, business email compromise researcher estimates that the incidents known to the FBI are just 20 percent of the total, and that total actual losses could be as much as double the figures reported.
The losses are growing as scammers become more sophisticated, delving deeper into corporate finance departments to find susceptible targets, he said. “This is not a volume play; it’s a carefully researched play,” he said.
The United States is by far the biggest target market, though fraudsters have started to expand in other developed countries, including Australia, Britain, France and Germany, Holmes said.
The U.S. Department of Justice said in March that it had charged a Lithuanian man with orchestrating a fraudulent email scheme that had tricked agents and employees of Facebook and Google into wiring more than $100 million to overseas bank accounts.
Internet cybercrime gangs have also used spoofed emails to trick HR departments into releasing W-2 forms, according to the FBI.
Source: KnowBe4 Blog