Feb 2020 – Week 2

News and Reports

FBI’s 2019 Internet Crime Report
https://www.fbi.gov/news/stories/2019-internet-crime-report-released-021120.

Some important takeaways include:

  • FBI’s IC3 received 23,775 complaints in 2019 regarding BEC, recording more than $1.7 billion in losses to individual and business victims.
  • Most common attacks:
    • phishing
    • non-payment/non-delivery scams
    • extortion
  • Some of the targeted sectors:
    • Real estate
    • Legal
    • Personal accounts
  • Attack types commonly seen:
    • Payroll funds
    • Vendor fraud
    • Gift cards/Executive spoofing
    • Requests for W-2s

Taking from the report directly, guidance for anyone experiencing a BEC is as follows:

  • Contact the originating financial institution as soon as fraud is recognized to request a recall or reversal as well as a Hold Harmless Letter or Letter of Indemnity.
  • File a detailed complaint with http://www.ic3.gov. It is vital the complaint contain all required data in provided fields, including banking information.

Proactively, it is suggested to:

  • Visit http://www.ic3.gov for updated PSAs regarding BEC trends as well as other fraud schemes targeting specific populations (real estate, pre-paid cards, W-2, etc.).
  • Never make any payment changes without verifying with the intended recipient; verify email addresses are accurate when checking mail on a cell phone or other mobile device.

Also, this incredibly eye-opening graphic of the last 5 years (all internet crime included):

Agari’s Email Fraud & Identity Deception Trends Report
https://www.agari.com/email-security-blog/email-fraud-trends-report-q1-2020/

“Consistent with recent trends, it finds that the success of today’s most pernicious email scams is growing less dependent on technical prowess, and more on social engineering techniques that leverage human emotions like anxiety or curiosity.”

  • 62% of BEC scams last quarter involved gift cards, the most common being:
    • Google Play store
    • eBay
    • Target
    • Walmart
    • Best Buy
  • Threat groups in Eastern Europe may become a larger issue in the upcoming months as attacks from Czech-based webmail platforms have been on the rise.

Resources

Out new this week are the following resources and recommendations.

Microsoft Office 365:

Phishing:

  • KnowBe4 posted about the FBI’s report in their Phishing Blog (great historical information).

Romance Scams:

Thanks for looking over my first week’s post! I began this on the later side of the week but want to have each of these published on Friday. If you have anything that you think would make a great addition to this week please email me at the address provided.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: