Business Email Compromises = $12.5 Billion In Losses

“Man In The Middle Attacks Are On The Rise
In July 2018, the FBI reported that Business Email Compromise (BEC) and Email Account Compromise (EAC) had generated more than $12.5 billion from October 2013–May 2018. A whopping $7.2 billion of these losses happened between December 2016 and May 2018. Fraud enabled through Email Account Compromise is lucrative for criminals and is a threat for anyone involved in lengthy and high-value transactions, such as business procurement processes or private real estate purchases.

Here’s how it works:

  • Attacker scans the seller’s email account(s)- for high-value transactions in the preorder phase (i.e., a buyer has asked for a quote).
  • Attacker sets up a redirect rule in the seller’s email to hijack future emails from the buyer.
  • Buyer sends a purchase order (PO) to the seller, and the PO is redirected to the attacker.
  • Attacker “clones” the buyer’s email (using a similar but misspelled domain) and forwards the PO to seller, establishing a man-in-the-middle (MITM) compromise.
  • Seller replies to “buyer” (the cloned email address controlled by attacker) with an invoice containing payment instructions.
  • Attacker modifies the bank payment destination in the invoice and forwards the modified invoice to the buyer.
  • Buyer wires money to attacker-controlled bank account.
  • Could you be exposed to a Man In The Middle attack? Let me know if we can help.