Surprise! What’s The Country Where All The CEO Fraud Gangs Are?

KnowBe4’s Stu Sjouwerman wrote a really great blog about Business Email Compromise. Once upon a time, about 5 years ago, if you got a letter from a Nigerian prince or some sad story about not being able to transfer funds, that was obviously a scam. You knew, I knew, anybody but the most gullible knew it. Those were referred to as Nigerian 419 scams- 419 is the section of the Nigerian criminal code where this practice is codified as illegal.

Image result for nigerian prince

But times have changed and so have the gangs…

What if your CFO got an email from your COO or your CEO? What if your AP clerk got an email from your CFO- or your Comptroller?

A new study by Agari concludes that, despite all the attention nation-state espionage services have been getting for their phishing attacks, the big threat still comes from criminal gangs.

Here is your quick Executive Summary:

  • 97% of people who answer a Business Email Compromise (aka CEO Fraud) email become victims
  • The average BEC incident included a payment request of $35,500 (ranging from $1,500 to $201,805)
  • 24% of all observed email scam attempts between 2011 and 2018 were BEC even though BEC only started in earnest in 2016

And What’s That Country?

Many of those criminal gangs continue to operate from Nigeria, of the ten gangs engaged in the email scams that Agari studied, nine were based in Nigeria. Conclusion: the old Nigerian 419 scam has upgraded big time.

While business email scams are relative newcomers to the world of online crime, becoming popular only as recently as 2016, they’re now the most common kind of attack, accounting for 24% of phishing emails.

Patrick Peterson, Agari’s Executive Chairman said: “The sad irony is that these foreign adversaries are using our own legitimate infrastructure against us in attacks that are far more damaging and much harder to detect than any intrusion or malware.”

BEC, in which the scammer poses as an executive of the business being phished, has the greatest potential for a large, immediate payout. All organizations should make it their policy never to use email to direct fund transfers, and they should train their employees to be aware of this social engineering tactic.

Other scams have similar potential to bankrupt their targets. Real estate brokers, for example, have been targeted with malicious attachments that enable criminals to conduct man-in-the-middle account takeover scams that hit escrow accounts.

Scammers Use A Multi-Step Process

An interesting finding of Agari’s study is the multi-step process many of the scammers use: a probe email is followed by one or more follow-ups that deliver the scammer’s punch.

In the case of business email compromise, a common and effective probe might ask, “Are you at your desk to make a payment?” We have seen that these organized crime groups are starting to automate and script the process of sending these initial probes to their targets.

Interactive training can help a business arm its employees against social engineering. KnowBe4 actually allows you to monitor what an employee who falls for a simulated CEO fraud attack writes back, and automatically step them through immediate remedial training.

Want a free tool to see how vulnerable you are to spoofing? Cut and paste this link to your browser- https://info.knowbe4.com/domain-spoof-test-partner?partnerid=0010c00001wis6gAAA

Advertisements

About Vic Levinson
Telecommunications and IT professional with over 25 years experience in Business Technology Solutions. Specializing in managed technologies solutions : hosted VoIP, cyber security, help desk, remote monitoring and maintenance, cloud work space and - the works. Founded Prime Telecommunications in 1993 and providing business communications solutions. Cloud Applications- everything from hosted network security, hosted Disaster Recovery, hosted printer management, data centers and colocation solutions for businesses.

Comments are closed.

%d bloggers like this: