SecureWorld News

Cybersecurity: Criminals Using COVID-19 Themes for BEC Attacks

Written by Clare O’Gara | Wed | Apr 8, 2020 | 1:15 PM Z

Maybe we shouldn't be surprised.

With the world moving to remote work and fears surrounding COVID-19 running high, cybercriminals are bound to take advantage of the opportunity.

According to the FBI, this is already happening when it comes to Business Email Compromise (BEC) schemes and cybercrimes.

FBI uncovers coronavirus related BEC attacks

If you're working remotely right now, your email inbox may be busier than ever.

And cybercriminals know this, which is why they're turning toward BEC attacks where they spoof legitimate email correspondence.

The FBI shared a couple of recent examples:

A financial institution received an email allegedly from the CEO of a company, who had previously scheduled a transfer of $1 million, requesting that the transfer date be moved up and the recipient account be changed "due to the Coronavirus outbreak and quarantine processes and precautions." The email address used by the fraudsters was almost identical to the CEO's actual email address with only one letter changed.

This is a classic BEC approach, with a COVID-19 twist. Here is another one:

A bank customer was emailed by someone claiming to be one of the customer's clients in China. The client requested that all invoice payments be changed to a different bank because their regular bank accounts were inaccessible due to "Corona Virus audits." The victim sent several wires to the new bank account for a significant loss before discovering the fraud.

This type of fraud can hit anyone and any organization. The Catholic parish that lost $1.7 million in a BEC attack comes to mind as another example.

FBI explains Business Email Compromise red flags

If you're looking to keep yourself safe, you're in luck. The FBI has a list of red flags to watch for, which may tip you off to the start of a BEC attack:

  • Unexplained urgency
  • Last minute changes in wire instructions or recipient account information
  • Last minute changes in established communication platforms or email account addresses
  • Communications only in email and refusal to communicate via telephone or online voice or video platforms
  • Requests for advanced payment of services when not previously required
  • Requests from employees to change direct deposit information

If you're among the millions working remotely, protecting your physical and digital health is critical right now.

That includes protecting yourself and your organization from BEC attacks by watching for red flags and always speaking to someone you know at the organization that appears to be making an urgent request. 

Related podcast: how BEC scams operate

SecureWorld recently interviewed a U.S. Secret Service investigator who specializes in BEC scams and cyber fraud.

He explains how cybercriminals operate, how they move massive amounts of money to overseas accounts, and how this has developed into the "Enterprise Business Model of Cybercrime."

Listen below or on your favorite podcast platform: