You have more than likely heard about hackers and the multiple hacks that have happened at businesses throughout the years, such as Home Depot, Target, and Ashley Madison. A new scam though is happening to businesses, which since October 2013 has costed the companies nearly $1.2 billion according to the FBI.The scam is known as “business email compromise” and it is basically when the hackers pose as the CEO of a certain company, and then ask the employees to hand over certain financial information that should remain confidential. The first thing that happens is that the hackers will send a phishing email to the CEO or another top-ranking executive, which then allows the hackers to gain access to that account, and then the hackers send an email from that executive’s account. There are also some hackers who create a dummy email to then phish the financial departments into thinking that the email is coming from the CEO of the company. Other times, the hackers are posing at the lawyers for the company and asking for the financial information immediately. The hackers then will wire the money out of the company and put it into their own coffers, but that is only after the needed information about the company’s accounts have been passed onto them.
The FBI has said this is a widespread scam, although banks and companies have recently gotten better about noticing the scam emails, but all 50 states have reported this scam, and over 79 counties have seen it as well. In 2015, there has already been a 270 percent increase in victims that have been identified due to this scam, and this has exposed the huge losses that the businesses are incurring as a result of the email scam. The FBI announced this week that there have been more than 7,000 companies just in the United States that have been victims of this scam since October 2013, and that amounts to about $750 million. The total loss for the last two years including the companies reporting to the foreign law enforcement agencies have equaled out to $1.2 billion. For some businesses, the loss from this scam can be devastating, and can lead to the company going out of business.
Just this month, a networking firm, Ubiquiti, has reported that an “outside entity” was targeting its finance department by sending out what seemed like a company email. A hacker ended up stealing $46.7 million from the company’s accounts. The company did recover about $8.1 million of that money that the hacker stole, and Ubiquiti said that it should be able to get back $6.8 million more from that company. The company had also said that it is working with overseas and United States officials and law enforcement in order to retrieve the remaining $31.8 million.
This scam is more than just about trying to get money out of businesses because the damage done to the reputation of the business can be horrific. The fact that the hackers are so easily able to get the financial information also leads to the question of how are the employees not noticing that these are phishing emails? A lot of the emails may look like they are coming from a true email from the business, the issue is often that it can be easily to spot because there is a number where there should be a letter or a letter instead of a number, such as @conveg1es.com instead of convergies.com. The CEO and other executives need to be better versed in knowing how to tell these email addresses apart, including looking at the entire email address before sending off any information. It would also be a good idea for companies to have a number that you can call when you get these emails that would let you know whether or not such emails were going out or someone that could tell the person the emails would not have been sent from any company email, including from Human Resources or any other financial department.
View the original content and more from this author here: http://ift.tt/1LIuXTp
from hacker samurai http://ift.tt/1UjrKc9
via IFTTT
No comments:
Post a Comment