Unit 42 Research: BEC Attacks Financial Nightmare for Organizations

While ransomware is grabbing all the headlines, business email compromise (BEC) is inflicting more costly damage on organizations and individuals, according to new Unit 42 research.

BEC is costing victims thousands, even millions of dollars, according to Unit 42, Palo Alto Networks‘ threat research group. In investigations conducted since Jan. 1, 2020, the average wire fraud attempted was $567,000 and the highest was $6 million.

Moreover, the FBI reports that BECs caused $1.87 billion in losses last year, making it one of the most expensive types of cybercrime.

BEC is a cyberattack involving the hacking, spoofing or impersonation of a business email address. The victim of a BEC attack receives an email that appears to come from a trusted business. The email looks and feels genuine. However, it typically contains a phishing link, a malicious attachment, or a request to transfer money to the attacker.

Many organizations think they’ve already taken steps to protect themselves against BECs, Unit 42 said. However, those steps may not have been properly implemented. Among the hundreds of BEC cases Unit 42 has worked on since the beginning of last year, 89% of victims failed to turn on multifactor authentication (MFA) or follow best practices for its implementation.

BEC Deep Dive

Unit 42’s Jen Miller-Osborn

To learn more, we spoke with Jen Miller-Osborn, Unit 42‘s deputy director of threat intelligence.

Channel Futures: While ransomware is grabbing all the headlines, is BEC more prevalent and dangerous to more people and organizations? If so, how?

Jen Miller-Osborn: In the sense of monetary loss to an organization, it far surpasses ransomware. It rarely makes the news because organizations don’t want it publicized and, in contrast to ransomware, there are no real world effects which employees or customers would notice. There is also rarely malware involved in BEC cases, often the attackers rely solely on social engineering to accomplish their goals, so it can be much harder to detect and stop.

Scroll through our slideshow above for more from Unit 42 and other cybersecurity news.