Email Security Blog

What Happens When Your CEO’s Email is Compromised?

Agari February 10, 2016 Cybercrime
Fallback Featured Image

What would you do if you received a confidential email from your CEO asking you to wire money to an attorney as part of an acquisition? This is what happened to Texas manufacturing firm, Ameriforge Group Inc., whose director of accounting wired $480,000 to the Agricultural Bank of China, before realizing that it was an email scam. Unfortunately, these kinds of highly targeted phishing scams, known as Business Email Compromise (BEC), are becoming more and more common. Sophisticated attackers are investing time gathering information about a company and getting to know its processes so they can target specific individuals with seemingly authentic emails designed to trick them into handing over confidential information or funds. These compromises of business email are also costly. The FBI estimates that cybercriminals stole nearly $750 million in such scams from more than 7,000 US victims between October 2013 and August 2015.

More worryingly, the continuous evolution of methods that are used for business email compromise means that business insurance or even cyber insurance might not provide the required cover. Ameriforge Group Inc is now suing its cyber insurance provider for refusing to cover its losses. This once again serves a reminder for why it’s a worthwhile investment to get cyber insurance, but it’s not the entire solution. More must be done to leverage available technologies, complete internal training and use open standards like DMARC to identify and block fake emails that look like they come from a trusted domain.

To read more about the Ameriforge situation: Firm Sues Cyber Insurer Over $480k Loss.

Leave a Reply

Your email will not be published. All fields are required.

Checking Email on Phone

March 19, 2019 James Linton

BEC Goes Mobile as Cybercriminals Turn to SMS

Business email compromise (BEC) is a term that encompasses a variety of techniques and tactics…

Agari Blog Image

February 27, 2019 Crane Hassold

Scarlet Widow Bombs Nonprofit Directories to Run BEC Scams

When the Agari Cyber Intelligence Division released our report on London Blue in December, much…

Agari Blog Image

February 14, 2019 Crane Hassold

Scarlet Widow Breaks Hearts and Empties Wallets via Romance Scam Operations

With Valentine’s Day celebrated around the world, today is a day full of love and…

Agari Blog Image

February 5, 2019 Ronnie Tokazowski

BEC Actors Exploiting Gmail “Dot Accounts” for Fun and Profit

Within the Agari Cyber Intelligence Division (ACID), we regularly engage with BEC threat actors using…

counterintelligence-blog

December 6, 2018 Crane Hassold

How an Elite Counterintelligence Team Investigates BEC Scams Worldwide

Marriott Hotels, Dunkin Donuts, even the House GOP. During the final quarter of 2018, a…

mobile image