Cybersecurity over the last decade has seen a rapid rise in discussions of IT experts and C-level executives, with the digitization of business operation the area of security threat is on the rise. Over the past four years, the cost of internet crime has topped $ 7 billion, according to the FBI’s latest Internet crime report. The above numbers are just the number of crimes reported by the organizations; the actual number might be much higher. According to the Steven D’Antuono, FBI’s financial crimes section chief said in a statement that there is lot more that goes unreported making the security feature lack experience, we have been working in developing solutions for the enterprises, but most of them don’t want to get involved in a legal tangle. He also crafted whether the growing number of crimes being committed is making the numbers rise or we see the rising number of reports been submitted for the crimes committed.
The Internet Crime Complaint Center (IC3) is the FBI’s central collection point of reporting Internet crimes. IC3 is a portal wherein all the people or enterprises can report cyber crimes to the FBI; it can include different variety of crimes from Business Email Compromise (BEC) to an extortion attempt. It’s also the place wherein if the enterprises need assistance to Recovery Asset Team can take the help of the cyber experts. It assists the victims in getting their money back if they have fallen victim to any of the internet crimes while BEC is one of the largest internet crimes that is affecting the business if only because the amounts are stolen are frequently very large. It’s one of the ways that is affecting the companies around the world and, with the major focus being towards the payroll processing and real estate which are two of the most criminal activities that are concentrated in.
Here are some of the popular crimes that have been unearthed during recent times
Payroll processing scams are growing across the world at a rapid pace because it involves a lesser level of authentication and tracing is difficult. What exactly happens during the payroll scam is an email would be sent from the employee to the accounts department starting to change the routing number and payment information on the payroll. The payroll team or accounting team usually fail to do the procedure based verification, and the victim usually doesn’t realize that the mistake has been made until the money has been stolen. Many enterprises were hit by such type of scams; this led to many of them trying to develop a verification and sequential system wherein a user will be getting the notifications when the information is changed. Real estate scams usually involve the spoofed email from the real estate agent wherein they are involved in certain real estate; the spoofed email will go to the buyer and asks that the down payment be wired to the agent. The email configuration or email changes can both act as both
Some of the other crimes that are committed in the internet space, wherein a hacker talks about taking over the webcam of the victim and has certain compromising videos of the victim. The hackers send an email stating that the video has recorded which will only be deleted after the ransom amount is being paid. Other types of attack include threating to completely implement the denial of service attack that would happen if the ransom is paid.
Another form of attack that has seen the rapid rise in the course of last few years is the hitman scam that an email is received from a person who threatens to kill the loved one if you don’t pay a certain amount. Threating emails, including the hitman scam needed to report directly to the FBI on the IC3 right away. However, whether such threats have been real enough that they followed on their actual intention is still to be seen or reported.
When you look at the current range of scams that are happing in enterprises its mainly due to lack of effective verification steps that can act as one of the best defenses. D’Antuono stated that personal contact is one of the best defenses against payroll, real estate, and BEC scams, as the physical confirmation will be able to confirm various findings. The payroll and real estate scam can be avoided using the physical touch to verify various findings. Verification scheme can be manipulated over time. Hence D’ Antuono adds that personal contact is one of the best defense there is to be made. It also means talking to the person who will be using the payroll thing and also added the need for verification.
We live in a society where a person or enterprise believes in communicating through email or through text message rather over a voice call to confirm the details. Having a policy in place that confirms the details will lead to improving the routing information to be more authenticate. One of the most famous incidents where a fraudulent person who had admitted to developed a series of schemes that involves defrauding businesses. The attacker used email accounts created by Espaillat that different from legitimate email addresses only by a letter or two. He used his emails to send what appeared to be legitimate invoices requesting payment for goods or services. The payment went in bogus banks accounts. One of the corporate victims had even deposited $3.8 million in one of the bogus accounts.
Enterprises need to be aware of what employees are saying about their jobs on social media; this is where most of the scammers are scrapping for the enterprise’s information. It also means making sure that employees don’t provide information about their jobs and work on social media. It’s also imperative to teach the employees about various fraudster techniques that are being followed by the scammers to gain access to personal or enterprises information.
To know more, you can download our latest whitepapers on Cybersecurity.