Making IT Work for Your Business
Business Email Compromise(BEC) to the Next Level- Scary
A new development in the CEO scams- this time fake phone calls that sound just like the owner of the company!
Therefore if your CEO authorize payments over the phone, please ensure there is a 2nd way, e.g. follow-up with a text message and a pre-defined code, that fully authorizes the payments.
What is BEC? Business email compromise is a sophisticated scam where the attacker impersonates a high level executive and attempts to get the employee to transfer money or sensitive data. Until recently, this only involved fake emails.
FBI Website says BEC losses amount to over 12 billion dollars and are growing at an alarming rate. There are a variety of tactics to fool their victims including spear phishing attacks and the use of malware. The crooks study the organization and when the time is right, often when the CEO is out of the office, the scammers send a bogus email from the CEO to a targeted employee in the finance office. The employee believes they are sending money to a familiar account but often the numbers are slightly different, going instead to the criminals. The new “deep fakes” voice conversations are very new but add another level of sophistication to be wary of.
What Can I do to Prevent BEC?
– Get an excellent spam filter or tune the one you have to reduce spam
– Train employees with fake phishing emails so they will be less likely to fall for the real ones- we have a training service available
– Verify payments over the phone or changes in payment locations by adding 2 factor authentication (e.g. have a 2nd person verify or text message)
– Carefully scrutinize all email requests for funds transfers to see if ANY thing is out of the ordinary
Contact Us at 732-594-6030 to help you get additional tools
7 Lincoln Hwy 2nd floor
Edison, NJ 08820
Copyright 2020 ASIS, LLC.