Study: Most email cyberfraud attacks do not include phishing links

August 31, 2018 by NAFCU Newsroom

Business email compromise (BEC) attacks – one of the most prevalent types of cyberfraud – were analyzed recently by cybersecurity firm Barracuda. After reviewing 3,000 random BEC attacks from 50 companies, Barracuda found that 60 percent of them didn’t include a phishing link – making these scams more difficult to detect and block.

BEC scams are used to gain access to a business email account and imitate the owner’s identity in an effort to defraud a company. The data show that the most common BEC scam is trying to get the recipient to do a wire transfer to a bank account owned by the attacker.

Of these scams, 0.8 percent of the attackers asked the recipient to send them personal identifiable information (W2 forms with Social Security Numbers), 40 percent of attackers asked recipients to click a link and 12 percent of attackers tried to establish some rapport with the target by starting a conversation.

The fact that 60 percent of BEC scams do not involve a link make these emails “especially difficult for existing email security systems, because they are often sent from legitimate email accounts, tailored to each recipient, and do not contain any suspicious links,” Barracuda explained.

Study: Most email cyberfraud attacks do not include phishing links

Featured

Ways to lower your tax burden tomorrow (and the day after)

Financial literacy initiatives on the rise in America’s high schools

Automation vs a live agent—Which do you prefer?

Under the influence: 5 key questions to ask before diving into influencer marketing

Stay connected to the credit union community with our free newsletter!

You have Successfully Subscribed!