Phishing and Business Email Compromise (BEC)
In a BEC attack, fraudsters send emails pretending to be an employee or external vendor. Their main goal is to collect personal login information or gain access to company data and systems. Often, fraudsters take advantage of employees by:
- Using an urgent email subject requesting immediate fund transfers
- Inviting them to “click to register” for an event
- Registering a domain similar to that of the target organization to make employees think it's legitimate. This is also known as spoofing.
- Posing as the influential leader of a fake organization
With access to company data and systems, fraudsters can make unauthorized payments, install malware or ransomware, or package and resell confidential information. This can result in a data breach, a security event in which company data is accessed without authorization.
Malware and Ransomware
Malware and ransomware are software designed to damage a computer, server, client or computer network, and are unknowingly installed by employees.
In malware attacks, fraudsters threaten victims into paying a fee to avoid activation of the software. In ransomware attacks, fraudsters hold company systems, data or both hostage until the company pays a fee—often in bitcoin or another cryptocurrency.
Account Takeovers
Often the result of targeted phishing attacks, an account takeover occurs when a fraudster gains enough personal information to take control of an account.
Account takeovers enable fraudsters to make unauthorized transactions. Many times, the fraudster will change contact and login information, making it difficult for the true owner to access the account.
Cashflow Scams
A cashflow scam occurs when a fraudster seemingly sends funds, which they don’t actually have, to a second account, and then withdraws the funds from the second account.
Cashflow scams exploit the time it takes for a transaction to clear after the receiving party has access to the funds. The first transaction bounces because of the lack of funds, but the fraudster has already withdrawn the cash from the second account.
Internal Fraud Incidents
Internal fraud incidents—sometimes called “malicious insider attacks”—are committed by an employee within the organization.
Commonly, these attacks authorize funds to be sent to a personal account. The employee may also sell company data to a fraudster or competitor.