FBI Reports that Phishing Scams Cost Victims $750 Million
Posted by: Timothy Weaver on 09/02/2015 05:21 AM
[
Comments
]
According to the Federal Bureau of Investigation (FBI), business email compromise (BEC) scams (Phishing) cost U.S. victims nearly $750 million and impacted more than 7,000 people between October 2013 and August 2015.
On a global scale, such phishing scams has cost non-U.S. companies more than $50 million. These scams have taken place in all 50 states as well as 79 countries.
These costs resulted in wire transfers or checking accounts run through banks in China and Hong Kong. There was a 270 percent increase in identified victims and exposed loss since January 2015.
These phishing campaigns always involve the victim clicking on a malicious link which results in the download of malware that offers unfettered access to the victim's credentials.
Fraudsters often identified themselves as lawyers, or other types of legal representatives in the text of phishing emails and claimed to be handling confidential or time sensitive matters. They usually instructed the victims to act quickly or in secrecy when transferring funds.
The best practices for any company or organization is to ensure that employees can recognize a phishing scam and verify legit emails. Organizations should “have a dual-step process in place for bank wires, always verified by phone with trusted parties.”
Source: SCMagazine
On a global scale, such phishing scams has cost non-U.S. companies more than $50 million. These scams have taken place in all 50 states as well as 79 countries. These costs resulted in wire transfers or checking accounts run through banks in China and Hong Kong. There was a 270 percent increase in identified victims and exposed loss since January 2015.
These phishing campaigns always involve the victim clicking on a malicious link which results in the download of malware that offers unfettered access to the victim's credentials.
Fraudsters often identified themselves as lawyers, or other types of legal representatives in the text of phishing emails and claimed to be handling confidential or time sensitive matters. They usually instructed the victims to act quickly or in secrecy when transferring funds.
The best practices for any company or organization is to ensure that employees can recognize a phishing scam and verify legit emails. Organizations should “have a dual-step process in place for bank wires, always verified by phone with trusted parties.”
Source: SCMagazine
Comments
