Criminals have been able to steal billions of dollars through rogue emails in recent years, the FBI claims. The damage caused by “Business Email Compromise” between June 2016 and December 2021 amounted to more than $ 43 billion, according to the American investigative service. Business Email Compromise (BEC), which also includes CEO fraud, allows attackers to gain access to email accounts through, for example, phishing or weak or reused passwords. Through the hijacked accounts, but also by using spoofed email addresses or typosquatting, where they register domains that resemble those of a legitimate organization, the attackers send rogue emails. For example, the scammers pose as suppliers and request customers to transfer payments to other accounts, or the financial administration of an attacked organization is requested to pay certain invoices, whereby the money must be transferred to accounts specified by the attackers. From June 2016 to December 2021, the FBI counted more than 241,000 cases of Business Email Compromise worldwide with damages totaling $43.3 billion. Last year, in particular, the damage from BEC fraud exploded to $40 billion. According to the FBI, this is partly due to the corona crisis, which meant that more companies handled business digitally.The FBI recommends using secondary channels or two-factor authentication to confirm requests to modify account information. It is also recommended to be alert to the wrong spelling of domain names and to pay extra attention to the e-mail address when using smartphones. Organizations should also ensure that workstations are set up to show full email addresses.
