Skip to main content

Large Increase In Business Email Hacking Incidents

By February 23, 2019May 19th, 2022Cybersecurity

Given the rate of increase in the number of hacking attacks, it was predicted early on that 2018 would be another record setting year. That came with more hack attempts and more successful attacks than were seen in 2017.  Sadly, that prediction proved to be correct.

What few people had anticipated, however, was how big of an increase we’d see.

While the number of attacks generally increased throughout 2018, few areas saw more explosive growth than BEC, which stands for Business Email Compromise attacks.  Those hacks accounted for a mind-boggling 476 percent surge between the fourth quarter of 2017 and the fourth quarter of 2018.  To give that number some context, by comparison, the number of email fraud attempts against businesses also increased by by just 226 percent over the same period, which while staggering, is paltry by comparison.

BEC attacks therefore win the dubious honor of being the fastest growing security risk on the current threat matrix, and the most likely type of attack that businesses are likely to experience.

These are, at their core, social engineering attacks that target specific employees of a firm, typically in the company’s finance department.  The goal is to convince them that they’re dealing with a vendor the company regularly does business with and convince them to send large sums of money. This is typically via wire transfer to accounts that, at first glance, appear to be legitimate vendor accounts, but which of course are controlled by the attackers.

While less sophisticated attacks rely on poisoned files or URLs to do their damage, these attacks rely on trust and psychology.  As such, they’re significantly more difficult to spot, which is one of the many reasons they can be so devastating.  By the time the victims realize what has happened, it’s far too late.

Vigilance is the only real way to combat this form of attack, so be sure your employees understand the risks and that they are are on their guard. Lastly, verify any significant transfer of funds in person.  Better to be safe than sorry.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.