Since the year 2013, the #FBI began tracking an emerging cyber threat. Vast and small companies and organisations are being targeted in all U.S states as well as in 100 countries. Non-profit corporations, churches, and schools are losing billions to #Cyber Criminals. Professional business people are falling victim due to the unpredictability and sophisticated tactics being used by criminals.
How the criminals commit the crimes.
Step 1: Impersonators hire linguistics, social engineers as well as hackers. They then find smooth target organisations and develop a profile of the company and its executives and study the institutions billing systems, CEOs' preferred communication methods and his or her travel schedules.
Step 2: This stage is called the grooming stage where hackers send phishing e-mails and make calls to victims in the finance department using pressure and persuasion tactics. This phase can last a few days or weeks.
Step 3: This step involves convincing the victim that he/she is conducting a legitimate company transaction. The wiring instructions will then be provided to him/her.
Step 4: The victim then transfers the funds to the bank accounts controlled by the organised crime group unknowingly.
What the FBI has to say about this particular crime.
The FBI has named this type of offence as the "business e-mail compromise" (BEC). A veteran FBI special agent says that "the crime is being committed on a global scale." Techniques being used by criminals include online ploys, social engineering, e-mail spoofing, identity theft, and the use of malware that are hard to detect.
According to the FBI’s Internet Crime Complaint Center, there has been a 1,300 percent increase in identified exposed losses since January 2015, and the amount lost totals to over $3 billion.
How to avoid being a victim
Employees need to verify the authenticity or the communications and Financial instructions that they receive.
Relying on face to face communications when communicating important issues other than using emails. Installing, intrusion detection systems in the companies email system that detect fake emails that look similar to legitimate vendor emails. More than two people can also be signatories when conducting wire transfer transactions.