Ride the Lightning

BEC Attacks: 75% Increase in 1st Quarter of 2020

July 7, 2020

On June 29, Abnormal Security published a post which reported a sharp rise in the number of Business Email Compromise (BEC) attacks involving invoice or payment fraud. BEC attacks impersonate either a party internal to an organization, usually an executive such as the CEO, or an external party such as a trusted vendor.

BEC attacks seek to steal money from an organization, usually through persuading an employee to buy gift cards, or by convincing a payroll administrator into changing an employee's direct deposit account information. Invoice and payment fraud BEC attacks steal money by initiating fraudulent wire transfers, or hijacking vendor conversations and changing invoice information in order to redirect vendor payments.

In May, Abnormal saw a 200% increase in the average rate of attacks each week, and a 36% increase in the number of organizations experiencing these attacks.

At Sensei, we have seen several law firms taken in by these attacks during the pandemic. They work because they persuade someone in the law firm to do their bidding. Having good cybersecurity policies and procedures in place is a good start, but cybersecurity training for employees is critical.

And yes, it can be done via webinar. And another yes, we do offer this training!

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson