The Federal Bureau of Investigation issued a warning last year about BEC or Business Email Compromise scams. Regrettably, security experts report that those kinds of scams are rising in frequency, and worse of all, the latest ones come with a disturbing new twist. The recent manifestation of the scam focuses on employees, looking to move their direct deposited paychecks into hacker controlled accounts controlled.
Its execution is not at all complicated. All that a hacker requires is the exactly the same details as what they obtain when they steal the identity of a person. Armed with a target's email address and banking information, all a hacker has to do (in most cases) is send a formal request to HR, explaining that the target has a new bank account and asking that the paycheck be sent to the details provided.
It all seems legit to the HR personnel receiving the request, because all of the information is accurate. In a growing number of cases, nobody even thinks to check or confirm that the switch has been authorized by the employee in question.
One of the researchers who has been following the growth in popularity of this approach had this to say about guarding against it:
"If a two-factor online authentication system isn’t utilized, we suggest ensuring an element of human contact is set up before the completion of the request, apart from verifying that the email address is from a legitimate source."
How big a problem is this type of thing?
According to the latest FBI statistics, between October 2013 and May 2018, businesses suffered total losses estimated at more than $12 billion, worldwide. If that doesn't get your attention, few things will. This is a large and growing problem, but thankfully, it's one that can be easily fixed by putting a few additional common sense safeguards in place.
Call Spartan Tec Inc. if you are seeking out efficient measures to keep your business information and network safe and secure from online threats.
Spartan Tec Inc
Myrtle Beach, SC 29577