Beware of email compromise attacks
INTERNATIONALLY, business email compromise (BEC) attacks are skyrocketing, as are global losses, which exceeded US$2,4 billion last year, according to the FBI’s International Internet Crime Report.
BEC is equally common in Zimbabwe, but our ZRP does not have the right structures to record these crimes, nor the right training to prevent them.
BEC is a scam also called the man-in-the-middle scam, or described as the email account compromise scam. This is when scammers target businesses working with foreign suppliers and/or businesses that regularly perform wire-transfer payments.
The scammers use computer intrusion techniques to compromise real business email accounts and perform unauthorised transfers of funds out of business bank accounts.
The scammer emails a phishing document to an intended victim from the address of a legitimate supplier and asks them to change where the wire transfer payments for invoices are sent.
Phishing is when scammers send malicious emails designed to trick victims into providing their personal online details so that they fall for a scam.
This email request tricks the victim into clicking on a malicious attachment or link that downloads malware onto his computer and allows the scammer to gain unrestricted access to personally identifiable information (PII), including financial account data and passwords.
The scammer now has all the information he needs to wire money out of the victim's bank account.
It is now game over! When the real supplier delivers the goods and asks for payment, the victim only then realises that he has been scammed.
Another version of the scam targets upper-level executives in an organisation who receive email requests for wire transfers to bank accounts.
The emails are spoofed by adding, removing, or subtly changing characters in the email address, which makes it difficult to differentiate the perpetrator's email address from the legitimate address.
In another version, scammers send spoofed emails to suppliers, supposedly from their customer companies asking for quotes or orders for merchandise.
Many suppliers receive the emails at the same time, which alerts them to possible suspicious behaviour.
Some companies follow up and easily link the IP addresses to previous email scams based abroad.
Sometimes, a scammer, who typically takes on the identity of a lawyer or a representative of a law firm, contacts a victim via email or phone at the end of the business day or work week claiming to be handling confidential or time-sensitive matters. Of course, the scammer creates a sense of panic to pressure the victim to expedite a funds transfer.
Many businesses have protected themselves from BEC scams by detecting them before they transfer funds to scammers and become victims.
They do this by holding customer requests for international wire transfers for an additional period of time, to verify the legitimacy of the request.
Some businesses also have protective measures that include:
• Creating intrusion detection system rules that flag emails with extensions that are similar to the company email. For example, a legitimate email of abc_company.co.zw would flag a fraudulent email of abc-company.co.zw.
• Registering all company domains that are slightly different from the actual company domain. This is mandatory, eg fbc.co.zw can also register fbcbank.co.zw.
• Verifying changes in vendor payment location by adding additional two-factor authentication, such as having a secondary sign-off by company personnel.
• Confirming requests for transfers of funds. When using phone verification as part of the two-factor authentication, use previously known numbers, not the numbers provided in the email request.
• Knowing the habits of your customers, including the details of, reasons behind, and amount of payments: Know Your Customer (KYC).
• Carefully scrutinising all email requests for transfer of funds to determine if the requests are out of the ordinary.
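As an added illustration of the first measure above (not code from the original column), here is a small Python check that flags sender domains resembling the company's own domain, using the page's abc_company.co.zw example; the From: headers it runs over are constructed, and the similarity threshold is an assumption to tune per company.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr

# Company domain taken from the page's own example (hypothetical company).
COMPANY_DOMAIN = "abc_company.co.zw"

# Fold the characters scammers typically add, remove or swap so that
# "abc-company", "abc_company", "abccompany" and "abc-c0mpany" compare equal.
FOLD = str.maketrans({"-": "", "_": "", ".": "", "0": "o", "1": "l", "3": "e"})


def normalise(domain: str) -> str:
    """Lower-case the domain and strip/fold lookalike characters."""
    return domain.lower().translate(FOLD)


def lookalike_score(sender_domain: str, company_domain: str = COMPANY_DOMAIN) -> float:
    """Similarity in [0, 1] between the folded sender and company domains."""
    return SequenceMatcher(None, normalise(sender_domain), normalise(company_domain)).ratio()


def classify_sender(from_header: str, company_domain: str = COMPANY_DOMAIN,
                    threshold: float = 0.8) -> str:
    """Return 'internal', 'lookalike' or 'external' for one From: header value.

    An exact match is checked before folding, so genuine internal mail is never
    flagged; the 0.8 threshold is an assumed starting point, not a fixed rule.
    """
    _, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    if not domain:
        return "external"          # unparseable sender: treat as outside mail
    if domain == company_domain.lower():
        return "internal"
    if lookalike_score(domain, company_domain) >= threshold:
        return "lookalike"         # candidate for the IDS rule to flag
    return "external"


# Constructed sample headers for a rule test; none are real mailboxes.
SAMPLE_HEADERS = [
    "Accounts <accounts@abc_company.co.zw>",   # genuine internal sender
    "Accounts <accounts@abc-company.co.zw>",   # the page's lookalike example
    "Finance <finance@abccompany.co.zw>",      # separator removed
    "Finance <finance@abc-c0mpany.co.zw>",     # digit zero for letter o
    "Supplier <orders@widgets-ltd.example>",   # unrelated external domain
]


def flag_headers(headers=SAMPLE_HEADERS):
    """Classify each header; in practice the 'lookalike' ones would be quarantined."""
    return [(h, classify_sender(h)) for h in headers]
```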
In cases where funds are transferred to a fraudulent account, you must act quickly:
• Contact your financial institution immediately.
• Request that your financial institution contact the corresponding financial institution where the fraudulent transfer was sent.
• Contact your local law enforcement if the wire is recent.
• File a complaint, regardless of dollar loss. Report the crime to local law enforcement agencies, the media and even the Reserve Bank of Zimbabwe.
Zimbabwe’s businesses should now have robust email security, domain authentication, account protection, content inspection and user awareness, and these must work together in a holistic fashion. There is also a need for businesses to treat cyber security as a Corporate Social Responsibility (CSR) and educate their clients and stakeholders. For more details please WhatsApp/call +263772278161.