Business email compromise (BEC) isn’t as high-profile as splashy cybercrime like ransomware or hacking, but it’s still a huge part of the threat landscape. Cybercrime is up dramatically across the board – Dark Web activity increased by 44%, with a corresponding 80% jump in overall cybercrime – and BEC is part of that trend with an overall 14% increase, and an up to 80% surge in some industries.
Every Industry Is At Risk
BEC fraud is a bit more challenging than your average cybercrime, making it a less popular category than simple phishing. But that certainly doesn’t make it any less dangerous or damaging. In 2020, BEC costs increased rapidly, from $54,000 in Q1 2020 to $80,183 in Q2. It accounted for half of all losses in the previous year and the majority of cyber-insurance claims.
BEC fraud is also insidious, and no industry is safe. The biggest target observed in one 2020 study was the energy and infrastructure sector with 93% of attacks. Other industries with a high number of weekly BEC attacks were retail and consumer goods and manufacturing and technology. Overall, BEC was continuing to rise in 75% of the tracked industries.
Protecting Your Business from BEC is as Easy as 1-2-3
Choosing a smart array of cybersecurity solutions that work together to provide layered protection is an effective strategy to protect your business from rising BEC and data breach risk.
Secure identity and access management solutions add immediate protection against BEC and credential compromise in general. One essential step that we highly recommend to our clients is using multifactor authentication, a tool that can stop up to 99% of cyberattacks on its own.
Watching for potential trouble from credential compromise with our Dark Web monitoring is also a smart way to reduce risk. The 24/7/365 monitoring and analysis that can be provided stops unfortunate credential compromise surprises from Dark Web sources, like lists of stolen passwords in Dark Web markets or data dumps, mitigating the risk of bad actors using a stolen password to gain access to your systems and data.
Phishing is always at the top of the list of threats to your business, and that’s no different when it comes to BEC. With a more than 600% jump in phishing attacks in 2020, improved phishing resistance training with Optistar’s Security Awareness Training is a must-have for every organization.
Contact us to schedule a 15-minute consultation with one of our Senior IT Consultants to discuss your potential risks including business email compromise. We can create a plan that helps mitigate such risks to give you greater peace of mind.