pogonici - Fotolia
Risk & Repeat: Business email compromise on the rise
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the rise in business email compromise activity based on new data from the FBI's 2017 Internet Crime Report.
Ransomware may be the most talked-about and concerning type of cyberattack today, but the FBI's Internet Crime Report for 2017 offers troubling data on the growing threat of business email compromise.
According to data in the report, the FBI's Internet Crime Complaint Center (IC3) saw a noticeable decrease in the number of ransomware incidents year over year. The IC3 received 1,783 complaints about ransomware with $2.3 million in losses last year as opposed to 2,673 complaints and $2.4 million in losses during 2016.
However, the report also showed a surge in business email compromise and email account compromise activity, with 15,690 combined incidents and adjusted losses of approximately $676 million for the year.
In addition to the FBI Internet Crime Report, SecureWorks recently detailed a major business email compromise campaign operating out of Nigeria and targeting the maritime shipping industry. Known as Gold Galleon, the threat group managed to steal millions of dollars last year, despite low technical skills, by using off-the-shelf malware and social engineering techniques combined with customized emails, fake invoices and spoofed email domains.
Why is business email compromise surging? What makes these campaigns so effective? Are ransomware attacks actually decreasing or is the FBI merely seeing a drop in reported incidents? SearchSecurity editors Rob Wright and Peter Loshin discuss those questions and more in this episode of the Risk & Repeat podcast.