‘Email Compromise’ Wire Scheme: Do Fraud Losses Surpass Malware Losses?
May 26th, 2015
There are always new threats that complicate the protection of wires. One key fraud trend that we are seeing in commercial banking is often referred to as “business email compromise” (BEC). In this scheme, commercial bank customers receive bogus emails requesting changes to wire instructions. Business email scams are such a problem that the FBI recently issued its own warnings about them. Formerly known as “email in the middle,” this attack particularly targets companies executing wire transfers.
- Some large financial institutions indicated that high-dollar losses from the business email compromise scheme were higher than overall malware-related losses.
- As with other social engineering-based fraud attacks, traditional protections, such as authentication and end-point solutions like device reputation, do not help. The legitimate customer is executing the payment and wants it to go through.
- One effective variation on this threat involves manipulating invoices from legitimate vendors to include new payment instructions. The fact that the invoices look legitimate helps fool the commercial user.
- FIs noted mixed client reactions when their fraud detection systems suspend these wires and they reach out to the users who created them. In one case, the user still insisted he had an urgent email from his CEO authorizing the payment, and that it must be released because it was so high priority.