According to new Symantec research, business email compromise (BEC), or ‘CEO fraud’, continues to be the bane of companies in 2016.
BEC scams, an evolution of Nigerian 419 scams, are low-tech financial fraud in which spoofed emails from CEOs are sent to financial staff to request large money transfers. While they require little expertise and skill, the financial rewards for the fraudsters can be high.
Symantec has taken a deep dive into BEC and found that SMBs and financial sector organisations are the most targeted by BEC scammers.
Additional key findings include:
- On average, over 400 businesses are hit by BEC scams daily, and at least 2 employees per business – likely in senior financial staff – are targeted with an email;
- The main IP addresses associated with the emails stem from Nigeria, the U.S., and the UK, among other countries;
- While there are multiple groups responsible for BEC scams, one group is responsible for over 12 per cent of BEC email traffic;
- Emails are sent Monday to Friday, following a standard working week, as scammers know that this is when businesses expect e-mails and can clear financial transactions.
For more information, you can read Symantec’s blog here.