Businesses are increasingly at threat from cyber attackers who are using sophisticated emails to extract money.
Leading Dorset-headquartered cyber-security company C3IA Solutions said Business Email Compromise (BEC) is a fast-developing crime.
Those within companies who have the authorisation to handle or approve financial transactions are the usual targets.
One method criminals use is to create an email that looks like it comes from a known contact and worded in a way that persuades the target to send money.
But with filters and security getting better, this type of attack is proving less effective, but a more malicious method is replacing it.
This is when attackers compromise a legitimate email account or IT network of a supplier, contractor or business partner.
Tactics include waiting for a genuine email asking for payment to be sent to the target, then issuing a follow-up email from the same account saying the bank details have changed – and providing the hackers’ own.
The criminals are also utilising AI so they can replicate the type of wording used in genuine emails so their fraudulent ones sound right as well as look right.
Rory Griffin from C3IA Solutions said: “Government figures show that about half of all businesses have reported a cyber breach or attack, and BEC attacks make up a large number of them.
“The attacks using personalised, impersonation emails are becoming less and less likely to succeed because of better filters and security.
“But a compromised, legitimate and known email account would not be picked up by spam filters, and the recipient already trusts information from that account. This is what hackers are now using.
“And utilising AI means that even if the criminals are working from abroad and don’t speak English, they can accurately replicate wording that the recipient would recognise.
“Businesses are only responsible for the cyber security measures inside their own organisations, but it doesn’t mean they can’t speak to business partners to discuss mutual security.
“Collaborating with contacts and partners could prove a valuable alliance.
“It is worth finding out if partners use multi-factor authentication or two-step authentication across all their accounts.
“It is useful to decide upon an unwritten one-time codeword only to be used if the already-agreed and documented bank details are changed.
“Internal cyber security practices can also be improved, by such things as specialised training for the employees who handle or approve financial transactions.
“This could include things like following up a change in bank details with a telephone call, in order to prove it is genuine.
“Although not always practical, this would be an extra assurance step before transferring money out of the business.
“Not all protective measures need to be technical in nature; a renewed sense of understanding, gained through education and awareness activities, is sometimes all that is required to identify and thwart a potential cyber-attack.”
