Email scams costing businesses $billions
(CNS Business): Unsuspecting employees in Cayman are being targeted by criminals with ‘Scareware’ and sophisticated email scams, enabling them to siphon off cash from these companies without the need for complex hacking techniques. The FBI’s Internet Crime Complaints Center (ICC) has issued an alert surrounding Business Email Compromise (BEC), which it called the $3.1 Billion Dollar Scam and said that exposed losses in the US have jumped by 1300% since January 2015, with businesses of all sizes being targeted.
The scam involves compromising legitimate business email accounts, so that fake messages can be sent with instructions to send funds via wire transfer to an account overseas.
“There have been a number of instances in Cayman where senior members of staff have received instructions purporting to be from other staff members, board directors and clients requesting the transfer of funds,” said David Smailes, principal at IT specialists Pivot Advisors. “All organistions are susceptible, not just the Financial Services sector,” he said.
Businesses that work regularly with foreign suppliers that frequently perform wire transfers are especially vulnerable, the FBI said, adding that fraudulent transfers are being sent to 79 countries around the world, with the majority going to Asian banks in China and Hong Kong.
Victims are usually monitored first over social media, as criminals aim to accurately identify the individuals at companies who perform wire transfers regularly as part of their duties. “Phishing” emails may also be sent to solicit further details regarding the individual being targeted at the company, such as names and travel dates. Ransomware cyber intrusions, or scareware incidents, which trick users into downloading malicious software, have been seen to be used immediately before a BEC attack, providing unfettered access to the victim’s data, including passwords or financial account information.
“The techniques being used are becoming more sophisticated,” Smailes said. “Social engineering teams will scrape information from social media platforms to identify staff that are vulnerable or disillusioned in an attempt to extract information that is useful in gaining unauthorised entry to systems. Malware is increasingly tailored for specific environments and botnets are leased to hackers to target specific sites that have been identified as vulnerable”
Smailes said any assumption that the only threat is coming from lone hackers working from home is no longer valid.
“There are estimates that over 100 governments are now preparing for, or have deployed, cyber-attack and defense teams” he said, “while in the private sector, criminals are increasingly working in a network of teams to leverage deeper skills and technology. We are also seeing a number of hacktivist groups that are seeking to raise awareness on issues through exposure of data through the media.”
The failed attempt by scammers to infiltrate the Information and Communications Technology Authority (ICTA) in Cayman earlier this year highlighted this threat to business here, which has gained increased international prominence, with more than 22,000 companies being hit.
The ICTA has established a Cyber Incident Response Team (CIRT), which is understood to be extended to the private sector with a vetted membership and a secure portal to report incidents and exchange information.
“Cayman is not immune to these threats and firms here should not be complacent,” Smailes said. “The ICTA’s initiative will increase awareness and provide a valuable tool for addressing the issue as a community.”
Protection against intrusion attacks starts with robust IT security policies, which should be followed by all members of staff, with vigilance and caution key, according to Smailes. Don’t use unapproved USB drives or DVDs and be especially careful before clicking on any links, attachments or requests to confirm sensitive data.
“An effective a cyber security framework will filter out over 70% of potential attacks, but technology is obviously an important element of prevention and response as well,” he said. “There are a wide number of tools available that protect the perimeter and interior of networks and these should be deployed based on need. Organisations that have high value data assets will need to invest more than those that simply store publicly available information. In establishing the value of data consider both how important that data is to the operations of the firm and also how it could be exploited and monetized by third parties if leaked from the firm.”
Firms should also make sure their software is kept up to date and regularly patched, while penetration tests can isolate any vulnerabilities in networks and help mitigate against potential threats and if that all sounds too complex, then get an independent specialists to walk you through it.
Category: Finance, Financial Crime