• By Roger Carvosso, Product and Innovation Director

Latest BEC scam a reminder to be vigilant with email security

The recent news of a Sydney couple falling victim to a business email compromise (BEC) scam is a particularly apt reminder to businesses to take every possible precaution with email security.

The Sydney Morning Herald reported the couple was transferring $1 million to finalise the settlement of a property. They allegedly received what looked to be a legitimate email from their lawyer, requesting the funds be deposited into a new account. Unbeknownst to them, sophisticated BEC scammers were allegedly impersonating their lawyer. Only a portion of the funds have been subsequently recovered, while the couple picks up the pieces of their lives.

This story is both deeply concerning and unfortunately, far too common. It’s the latest in a string of increasingly sophisticated cybercrime attacks, targeting ever-more astronomical amounts of money, to hit innocent Australian people and businesses. 

According to the Australian Federal Police, BEC is ‘a persistent threat worldwide…(particularly) as many organisations return to remote working because of COVID restrictions.’ It reports the financial losses of BEC in Australia total more than $79 million in the past 12 months.

What makes this brand of cyberattack so insidious is the ‘man-in-the-middle’ technique it employs — impersonating trusted businesses to unknowingly strip away money from consumers thinking they are doing the right thing by paying on time or transferring the correct information.

It’s further disturbing proof of how cybercriminals are not just targeting multimillion dollar conglomerates — but everyday small businesses too. With transactions like settlement transfers, proof of identity, or even shopping moving increasingly online, especially due to stay-at-home orders under the pandemic, Australians are more vulnerable than ever to bad actors exploiting infinite online transactions.

Business email must be proactively secured

Any business that deals with the transfer of money online, big or small, needs to be fully prepared against BEC and other email-related cyberattacks. For businesses, it’s not a question of ‘if,’ but ‘when’ they will be targeted. The pandemic has proved to be a veritable breeding ground for online scams. The Australian Competition and Consumer Commission reported Australians lost over $851 million to scams in 2020 — a record amount — with phishing activity rising some 75 per cent in the same period.

Other email-related scams such as malware and ransomware are also becoming more commonplace, and businesses must bolster their security against these attacks accordingly. 

Email is the bedrock of any business, hosting a plethora of personal details, financial information, and exchange of other confidential business matters. FirstWave Cloud Technology’s FirstCloud Mail protects business email services both inbound and outbound, and is a recognised market leader by Gartner, IDC, and Radicati. 

FirstCloud Mail secures inbound email from malware, ransomware, phishing, viruses, and spam. It’s advanced detect and response functionality [1] specifically ‘hunts’ for ‘man-in-the-middle’ BEC impersonation scams and attacks , such as the one to which the family unfortunately fell victim, automatically and instantly notifying the email user of the threat  before they take any action.  

Make it a top priority to protect your business email today. 

Contact our sales team on sales@firstwave.com.au to find out more about how FirstCloud Mail can provide the end-to-end email security and protection all businesses need.