Business Email Compromise in the Financial Services Industry: FS-ISAC Use Case
Attackers have stolen billions of dollars from unsuspecting companies over the years by posing as employees, vendors, or partners to initiate fraudulent wire transfers. The FBI released a public service announcement in May 2017 warning about these sophisticated Business Email Compromise (BEC) scams and reported exposed dollar losses of $5.3 billion — a 24x increase from two years prior.
While BEC hits all major business sectors, it is particularly relevant in the financial services sector. Understanding the risks and mitigation steps for BEC requires a clear view of how these scams are initiated, what the various roles are, and how money flows from the victimized bank to the attacker.
This FS-ISAC use case takes a look at a real-life wire fraud BEC attack and educates on…
- The four types of BEC scams: Fake Invoice, CEO/CFO Wire Fraud, Fake Lawyer, Human Resources
- Best practices to inhibit fraudulent transactions
- How to protect your organization