Security Experts Analysis Of FBI Crime Report

In its new FBI Internet Crime Report, the FBI said it received 467,361 internet and cyber-crime complaints in 2019, and that almost half of the reported losses — an estimated $1.77 billion — came from reports of BEC (Business Email Compromise), also known as EAC (Email Account Compromise) crimes.

FBI Internet Crime Report 2019: https://pdf.ic3.gov/2019_IC3Report.pdf


EXPERTS COMMENTS
Tal Zamir, Founder and CTO,  Hysolate
February 13, 2020
According to the FBI, both the number of ransomware incidents and the total ransomware-related losses continued to increase in 2019.
According to the FBI, both the number of ransomware incidents and the total ransomware-related losses continued to increase in 2019. It's interesting to see this trend gaining momentum regardless of the ever-increasing investment in cybersecurity solutions that should have stopped ransomware from infecting user devices and causing damage. Typical anti-ransomware solutions use endpoint security age ....
[Read More >>]
Andy Harcup, VP EMEA,  Absolute Software
February 14, 2020
The reason portable devices are major targets is that they are full of personal and financial information.
These figures reinforce the fact that cyber-crime is a lucrative business worth billion, a statistic that will only encourage an increase in illegal activity in the long-term. Despite these troubling headlines, many businesses are still not getting the message about the risk posed by hackers, who are seeking to exploit security vulnerabilities in all areas of organisations. Increasingly, mobile ....
[Read More >>]
Erich Kron, Security Awareness Advocate,  KnowBe4
February 13, 2020
There is no limit to the types of attempted scams using the moniker of executive leadership.
Business Email compromise, or (BEC), has been around for a number of years, but continues to evolve, bringing with it significant losses and frustration. It is typical for BEC scams to mimic executives or managers within organizations in order to use their authority to convince employees to perform unusual or dangerous actions that result in redirected funds. This same basic scheme of pretending t ....
[Read More >>]
Paul Gagliardi, Head of Threat Intelligence and CISO,  SecurityScorecard
February 13, 2020
This is not to say a criminal group cannot achieve acquiring this knowledge, but there doesn't really seem to be a precedent for it yet.
I initially thought this might be Iran or nation state related as the oil and gas, critical infrastructure caught my eye. Open source intelligence seems to greatly concur that this is indeed a criminal group, Orangeworm, and not a nation state. They are quite sophisticated in their selective targeting, pivoting, long term data collection investment, and tool development. For criminal groups they a ....
[Read More >>]
Ed Macnair, CEO ,  Censornet
February 13, 2020
Many organisations remain vulnerable to email attacks because criminals have updated their methods to stay ahead of traditional email security.
These findings from the FBI are shocking but unfortunately just confirm what we have already seen in the security market - that email attacks remain the most popular types of attack for criminals. This may be surprising for some readers who might think email has been around long enough to be protected, or might have suspected more complex malware based attacks such as ransomware to be more prevale ....
[Read More >>]
Stuart Reed, VP ,  Nominet
February 13, 2020
The advice to consumers is plentiful – from spotting dubious websites to identifying phishing emails.
Data from the internet crime complaint centre revealing that criminals netted $3.5bn from crimes reported to the FBI in 2019 highlights the very real issue of spotting a fake. The advice to consumers is plentiful – from spotting dubious websites to identifying phishing emails – and eventually this will become fundamental cyber-savviness that we’ll all need to have. There is also a responsibi ....
[Read More >>]
Paul Bischoff, Privacy Advocate,  Comparitech
February 13, 2020
Phishing leverages the weakest point of cybersecurity: humans.
The FBI's report states the bureau received 68,013 complaints from victims over the age of 60 with adjusted losses in excess of $835 million. Elder fraud is hugely underreported, with some estimates saying fewer than 1 in 23 cases actually reported to authorities. Based on those figures, our own analysis shows seniors lose $27 billion to elder financial abuse every year. Much of this is perpetrate ....
[Read More >>]
Patrick Hamilton, Security Evangelist ,  Lucy Security
February 13, 2020
Email is a perfect storm—not because of sophisticated attacks—but because of the things that make users vulnerable.
It’s well known that email is the most frequent form of attack, it’s well known that email is most easily compromised, and it’s well known that scammers rely on deception. Email is a perfect storm—not because of sophisticated attacks—but because of the things that make users vulnerable: being in a rush, being stressed out, losing focus, fear of loss, wanting to look good, and greed. Soun ....
[Read More >>]
Colin Bastable, CEO ,  Lucy Security
February 13, 2020
BEC fraud does not respect seniority, and it pays exceedingly well!
BEC is commonly referred to as CEO fraud, because it relies on the exploitation of authority figures and the sense of urgency that loyal subordinates have for the boss. The C Suite can be an invaluable ally for hackers, because they often over-ride rules and processes “to get the job done!” While BEC hackers rarely need to be super-hackers, they do need to be patient sleuths and good social en ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :




In this article