Email Scammers Reaping Huge Rewards, Study Shows

The massive financial rewards for those carrying out cyber crimes including email scams has been revealed in research from Financial Crimes Enforcement Network (FinCEN).

FinCEN is a bureau of the United States Department of the Treasury that collects and analyses information about financial transactions.

It warned that Business Email Compromise (BEC) scammers and other criminals “generated more than $300 million a month in 2018, with a cumulative total exceeding billions of dollars stolen from businesses and individuals.”

Email scams

In 2016 for example, email scammers were only netting $110 million per month.

FinCEN also said that the number of suspicious activity reports describing business email compromises has more than doubled to over 1,100 per month last year, from around 500 per month in 2016.

“FinCEN has been a global leader and innovator in countering BEC breaches and their devastating effects on businesses, individuals, and national security,” said FinCEN director Kenneth A. Blanco. “The Bank Secrecy Act data is a critical resource in combatting all types of financial crime. We hold, safeguard, and analyse that data and we share our expertise with law enforcement and our industry partners to help make America safer.”

Besides the warning about the scale of the problem. FinCEN also issued an update to its “Advisory to Financial Institutions on E-mail Compromise Fraud Schemes,” first published in 2016, in which it highlighted general trends and provide more up to date advice.

So what techniques are scammers using the most at the moment? Well it seems that the use of fraudulent vendor or client invoices has grown, from 30 percent of sampled 2017 incidents, to 39 percent in 2018, making it now the most common business email compromise method.

Other techniques are also used however. Impersonating a CEO or other high-ranking business officerhas declined, accounting for 12 percent in 2018 from 33 percent of incidents in 2017.

FinCEN said that impersonation of an outside entity was described in 20 percent of 2018 reports.

The sectors most targetted by email scams are manufacturing and construction businesses in both 2017 and 2018.

Huge losses

At least one security expert has warned that these FinCEN numbers are probably only the tip of the iceberg.

“These scary numbers are just the tip of the BEC (Business Email Compromise) formidable iceberg,” warned Ilia Kolochenko, founder and CEO of web security company ImmuniWeb.

“Many small businesses do not report such incidents due to unawareness that a legal recourse may exist, or luck of hope to recover the stolen monies,” said Kolochenko. “Large organisations may likewise conceal the losses not to spoil their reputation. Importantly, we also have to consider many other indirect costs of cybercrime.”

“For example, growing spending on protracted and otherwise complicated due diligence on clients and partners that victims usually impose after losing money, let alone costs of investigation and legal expenses,” said Kolochenko. “Often a victory in a courtroom is nominal, as more money is lost than recovered or the defendants are judgement proof having no money to restitute the victims.”

Kolochenko said that businesses need to increasingly invest in continuous cybersecurity education for their workforce, and that no technology can resolve or mitigate all risks and threats without well-prepared people behind it.

“From a technology standpoint, organisations should invest in continuous security monitoring practices,” Kolochenko said. “Yearly or even quarterly audits are insufficient to resist the growing volume and sophistication of cybercrime.”

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

SoftBank Promises To Invest $100bn In US

Japanese tech investment firm SoftBank promises to invest $100bn during Trump's second term to create…

3 hours ago

Synopsys, SiMa.ai To Collaborate On AI Car Chips

Synopsys to work with start-up SiMa.ai on joint offering to help accelerate development of AI…

3 hours ago

AI Start-Up Basis Raises $34m For Accountancy Agent

Start-up Basis raises $34m in Series A funding round for AI-powered accountancy agent to make…

4 hours ago

Databricks Raises $10bn In Huge AI Funding Round

Data analytics and AI start-up Databricks completes huge $10bn round from major venture capitalists as…

4 hours ago

Congo Files Complaints Against Apple Over Conflict Minerals

Congo files legal complaints against Apple in France, Belgium alleging company 'complicit' in laundering conflict…

5 hours ago

EU Opens TikTok Probe Over Election Interference Claims

European Commission opens formal probe into TikTok after Romanian first-round elections annulled over Russian interference…

5 hours ago