A study conducted by the cybersecurity firm Barracuda determined 60 percent of business email compromise (BEC) attacks did not include a phishing link, making them more challenging to address.
Officials said 3,000 random BEC attacks, which serve as one of the most prevalent types of cyberfraud, were analyzed from 50 companies. Through this, Barracuda learned 0.8 percent of the attackers asked the recipient to send them personal identifiable information such as W2 forms with Social Security Numbers, 40 percent asked recipients to click a link, and 12 percent tried to establish some rapport with the target by starting a conversation.
The study also revealed about 43 percent of attackers took on the false identity of the company’s CEO or founder.
Study investigators noted the fact that 60 percent of BEC undertakings do not involve a link make the emails difficult for existing email security systems because they are often sent from legitimate email accounts, tailored to each recipient and do not contain any suspicious links.
Officials said BEC scams are used to gain access to a business email account and imitate the owner’s identity as a means of defrauding a company. Data showed
the most common BEC scam is trying to get the recipient to do a wire transfer to a bank account owned by the attacker.