Insights from the field (agent) – FBI field agent that is…
We’ve had a few days of insightful discussions at the world’s largest legal IT security event, ILTA LegalSEC. Since many of you are not able to (or not in the right frame of mind to) travel to beautiful Baltimore to experience this event live, I thought I would dedicate this week’s Tech Essentials to sharing the top three FBI-special-agent speaker insights (from my perspective).
- Ransomware sounds ferocious. But, Business Email Compromise is much more financially ferocious. The FBI’s 2022 cybercrime report states that total financial losses from Ransomware attacks over the year were $35 million. Meanwhile, total Business Email Compromise losses were $2.7 billion. Said another way, Ransomware is 1.3% the financial risk in aggregate as Business Email Compromise losses. Wow, that was an unexpected statistic!
- What is Ransomware, you might ask your friendly Chat AI? It is when cybercriminals cryptographically lock critical files on your computer systems and will only unlock them if you pay them money, ransom. This is usually a high tech intrusion and complex deployment of malware, etc.
- That sounds fierce. What is, by comparison, a Business Email Compromise attack? Also known as BEC, this is when a cybercriminal poses as a trusted colleague and uses low tech psychological tactics to trick people into mis-wiring funds (to the cybercriminal rather than to a legitimate invoice payment account or transaction closing escrow). This is relatively low tech but highly methodical in terms of cyber-trickery.
- Top targets for BEC, according to the FBI special agent presenters, are real estate firms and those associated (realtors, title insurance, closing agents, closing agent attorneys, settlement agencies, escrow agents, mortgage banks, etc.). Middle of the pack-targets are law firms as well as human resources and invoicing departments of companies of all sizes.
- The FBI says that if they are notified within 72 hours of the mis-wire, they are 84% likely to recover the funds. Beyond 72 hours, nil. But, due to the tactics that the cybercriminals use, they are so tricky, that the FBI reports it takes on average 11 days for people to realize there was a mis-wire! And, many people do not report the mis-wire to the FBI for fear the FBI will take their computers to preserve evidence – which the FBI says is not something they would normally do.
- Where do the cybercriminals enter the conversation for BEC? According to the FBI, they enter the e-dialog via “email account compromise” techniques. They are not targeting YOU, as YOU are very smart and secure. They are eavesdropping on email in the inbox of YOUR RECIPIENTS; those who you send invoices to or send closing transaction details to, such as wire transfer information. THEY (your email recipients) are not as secure as YOU and this is how they pounce.
- (BONUS). What is the best cybersecurity service to pre-empt this cybercrime? Of course, it’s RMail’s PRE-Crime targeted attack prevention service offering with its Email Eavesdropping™ detectors.
If you are interested in receiving some insightful articles or links to this FBI research --- or using the above mentioned RMail services, please contact RPost here and ask for “BEC insights”.