Microsoft has releasednew findings claiming email-borne attacks are growing not just more destructive, but also harder to detect.
As seen in the company’s Cyber Signals report, the number of business email compromise (BEC) attacks that companies face on a daily basis has hit 156,000, representing a 38% increase compared to 2019.
During a BEC attack, a threat actor will try to impersonate a high-ranking officer within an organization (for example, a chief finance officer or similar), and will try to use their authority to get an employee (for example, someone in the finance department) to transfer funds quickly and silently. Oftentimes, the “CFO” will say the company is finalizing a buyout of a competitor, a process that needs to be kept under wraps, and will ask the employee to transfer the funds “urgently”.
Millions in losses
The results are devastating, with businesses losing millions of dollars on fraudulent transactions. Microsoft cited the UK government’s recent Cost of Cyber Crime Report, which stated that these attacks cost the country’s economy roughly £27bn every year. The National Fraud Intelligence Bureau (NFIB) received more than 40,000 reports from victim organizations between April 2022 and 2023. Thes companies seem to have lost more than £2.2bn in that timeframe.
Furthermore, the effects of the incident can be felt in the months and years to come, through identity theft and data leaks.
BEC has gotten more popular lately, prompting some cybercriminals to facilitate the practice through different services. Some cybercrime-as-a-service (CaaS) operators can provide credentials and the IP address of victims, allowing threat actors to easily launch Business Email Compromise (BEC) campaigns that are more difficult to detect and disrupt.
Through CaaS, malicious actors can buy entire business packages on the dark web, which provide them with everything they need to launch a successfull attack, the company concluded.
“BEC attacks offer a great example of why cyber risk needs to be addressed in a cross-functional way with IT, compliance, and cyber risk officers at the table alongside executives and leaders, finance employees, human resource managers, and others with access to employee records like social security numbers, tax statements, contact information, and schedules,” noted Vasu Jakkal, Microsoft Corporate Vice President, Security, Compliance, Identity, and Management.