Major BEC Scam Ring Leaders Arrested in Israel
Authorities arrested four suspected leaders of a large-scale business email compromise (BEC) ring that managed to siphon off more than EU 18 million from companies in France and Belgium. The arrest followed a two-year joint investigation by Europol, the French National Gendarmerie - Section de Recherches of Bordeaux, and Israeli authorities.
24 cases of BEC, also known as CEO fraud, were attributed to the BEC ring. The authorities arrested the ringleaders in Israel after a series of house searches jointly carried out by the French National Gendarmerie and the Israeli Lahav 433 unit.
Investigations started in 2016 when two companies in France lost an estimated amount of EU 1.2 million. Other notable BEC incidents took place in the same year, such as one in France, where equipment manufacturer Etna Industrie’s accountant authorized wire transfers amounting to EU 372,000 out of which EU 100,000 went through to the fraudster’s account successfully.
The BEC epidemic is not just centered in Europe, but in other parts of the world as well. Organizations worldwide lost an average of around $140,000 to BEC scams in 2016. In 2017, the FBI’s Internet Crime Complaint Center (IC3) recorded 15,690 BEC cases, equating to US$675 million in adjusted losses in the US alone. Trend Micro projects losses from global BEC cases will exceed US$9 billion in 2018.
Defense against BEC attacks
Advanced security solutions can stop BEC fraudsters on their tracks.
The use of artificial intelligence (AI) and machine learning in Trend Micro™ email security products enhances overall cyberdefense against BEC, EAC, phishing, and other advanced threats. Trend Micro’s anti-BEC technology combines the knowledge of a security expert with a self-learning mathematical model to identify fake emails by looking at both behavioral factors and the intention of an email.
The new Writing Style DNA can detect email impersonation by using AI to recognize the DNA of a user’s writing style based on past written emails and comparing it to suspected forgeries. This feature works best against BEC schemes that involve compromised legitimate email accounts. When an email is suspected of spoofing a user, the writing style is compared to this trained AI model and a warning is sent to the implied sender, the recipient, and the IT department. The new technology will be used by Trend Micro™ Cloud App Security™ for Microsoft® Office 365™ and ScanMail™ Suite for Microsoft® Exchange™ products starting June 2018.
In addition to smart security solutions, workforce cybersecurity awareness can help effectively fill security gaps to prevent BEC scams from succeeding.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases