Add business email compromise, aka BEC, to your list of business cyber risks. It’s a growing risk that is spreading around the world, according to Michael Driscoll, FBI special agent in charge, Counterintelligence/Cyber Division, in the bureau’s New York office.
“BEC is right now off the charts,” said Driscoll, who spoke at the 2020 FINRA Cybersecurity Conference. “Every business is getting targeted, from the smallest to the largest.”
These attackers “know where to send the email and they know everything about your organization before they send it … using whatever they can, including malware tools and publicly available information, so they can best place that email and target your system,” said Driscoll.
He gave the example of a company holding an upcoming charity golf event in which most executives were playing. The attackers, having watched the company over time, knew about the event and used that time to send an urgent email requesting a change in the wired payment process, pocketing about $25,000.
“Never ever change your payments based on an internet email,” said Driscoll. “Talk to someone. Verification is needed.”
If a company is hit, it should address the issue “immediately, contacting receiving banks, trying to call back the funds and reaching out to law enforcement,” said Driscoll. Businesses can file a suspicious activity report (SAR) with the FBI Crime Complaint Center at www.IC3.gov.
“Reach out to the FBI when attacked,” said Driscoll. “You need to tell your story, what was different, what anomalies you saw.”
The FBI can’t respond to every complaint, but it needs information about attacks and suspicious activity to help suss out patterns and bad actors and prevent repeat attacks, said Driscoll.