Email Security Blog

What Happens When Your CEO’s Email is Compromised?

Agari February 10, 2016 Cybercrime
Fallback Featured Image

What would you do if you received a confidential email from your CEO asking you to wire money to an attorney as part of an acquisition? This is what happened to Texas manufacturing firm, Ameriforge Group Inc., whose director of accounting wired $480,000 to the Agricultural Bank of China, before realizing that it was an email scam. Unfortunately, these kinds of highly targeted phishing scams, known as Business Email Compromise (BEC), are becoming more and more common. Sophisticated attackers are investing time gathering information about a company and getting to know its processes so they can target specific individuals with seemingly authentic emails designed to trick them into handing over confidential information or funds. These compromises of business email are also costly. The FBI estimates that cybercriminals stole nearly $750 million in such scams from more than 7,000 US victims between October 2013 and August 2015.

More worryingly, the continuous evolution of methods that are used for business email compromise means that business insurance or even cyber insurance might not provide the required cover. Ameriforge Group Inc is now suing its cyber insurance provider for refusing to cover its losses. This once again serves a reminder for why it’s a worthwhile investment to get cyber insurance, but it’s not the entire solution. More must be done to leverage available technologies, complete internal training and use open standards like DMARC to identify and block fake emails that look like they come from a trusted domain.

To read more about the Ameriforge situation: Firm Sues Cyber Insurer Over $480k Loss.

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

August 13, 2019 Crane Hassold

The “I’s” Have It: How BEC Scammers Validate New Targets with Blank Emails

Have you ever received a blank email from someone you don’t know? If you have,…

Agari Blog Image

July 23, 2019 James Linton

Weaponizing Accounts Receivable: How Scammers Use Aging Reports to Target Your Customers

Receipts and invoices—two accounting powerhouses that require little introduction. But step a little further into…

Agari Blog Image

July 10, 2019 Ronnie Tokazowski

‘Til Death Do Us Part… Romance Scams and the BEC Game

When we think of business email compromise (BEC), the first thing that comes to mind…

Agari Blog Image

June 5, 2019 Crane Hassold

From One to Many: Scattered Canary Evolves from One-Man Startup to BEC Enterprise

There is no denying that business email compromise (BEC) is big business, with losses exceeding…

Agari Blog Image

April 25, 2019 Crane Hassold

Bitcoin: The Next Evolution in BEC Cash Out Methods?

Historically, business email compromise (BEC) threat actors have used wire transfers as a means to…

mobile image