New research suggests that when it comes to business email compromise (BEC) attacks (also known as spear-phishing or simply phishing attacks), hackers most often take on the guise of CEO, managing director and president. Targets are, perhaps unsurprisingly, frequently decision makers in the finance department. The researchers’ analysis turned up some other interesting insight, such as what terms are used most often in phishing emails.
The first half of this year alone has seen over 3,000 BEC attacks, including Petya and WannaCry – with the US, Australia and the UK targeted most often. Despite this, the overall number of ransomware attacks has recently levelled out – suggesting that cyber criminals are otherwise engaged in dreaming up ingenious new schemes and scams. Or maybe not.
But with losses resulting from BEC amounting to more than $5bn since 2013, one thing is clear – employees at all levels need more training and greater security savvy. If in doubt, always check with IT or question the email veracity with the sender via a different means of contact.