When it comes to fraud threats, no company — large or small — is immune.
In this week’s Data Digest, PYMNTS rounds up the latest cases and research into how corporates are being targeted with crimes like the business email compromise (BEC) scam, as well as how they’re fighting back.
The Federal Trade Commission recently filed a complaint against Yellowstone Capital, Fundry and their officers, alleging the merchant cash advance companies had been withdrawing funds from small business bank accounts. The FTC complaint also accuses the companies of deceiving mall business customers about their merchant cash advance products.
Meanwhile, research released by Agari found some of the largest corporations in the world continue to be duped by cybercriminals. The two cases reflect the breadth of fraudulent activity that can hit any kind of business. PYMNTS breaks down the numbers of the latest in B2B fraud below.
9 in 10 of ASX 100 companies were found to have lapsed security strategies that allow for email spoofing and invoice scams, a new report from Agari said. The company’s H2 2020 Email Fraud and Identity Deception Trends report revealed widespread vulnerabilities among the largest corporations, and noted 70 percent of BEC scams are sent via free webmail accounts, an increase from 54 percent last December. Security Operations Centers saw 90 times more malicious emails, and as Agari noted, these centers are struggling with a 67 false-positive rate, meaning they’re taking valuable time to assess threats within legitimate and safe emails.
15 percent more spend on cybersecurity will aim to help banks and financial firms combat cybercrime, new data from Deloitte & Touche LLP and the Financial Services Information Sharing and Analysis Center revealed, according to Bloomberg. The year-over-year cybersecurity budget increase amounts to an average spend of $2,691 per employee. As Bloomberg calculated, that would mean an estimated $850 million annual for J.P. Morgan Chase, and $900 million for Wells Fargo. Researchers also found an increase in the number of times bank employees clicked malicious links as fraudsters aimed to take advantage of the current volatility related to the pandemic.
1,000 companies across the globe have been targeted in a BEC scam zeroing in on Office 365, according to a new report from Trend Micro. The cybersecurity company discovered hackers collected more than 800 sets of credentials from targeted companies and their business executives in an attempt to steal corporate funds by creating false invoices, sending them to lower-level employees, and directing accounts payable departments to pay those invoices into fraudsters’ accounts. According to Trend Micro, this criminal activity continues.
$300,000 was stolen by an accountant in Australia, according to ABC.net.au reports. The accountant reportedly siphoned the money while working as a bookkeeper for a small business. After pleading guilty, the individual was sentenced to a two-year jail sentence. According to reports, the individual had access to the business’s bank accounts, allowing her to make tax payments. That access allowed the accountant to make payments from the business to her own personal account, reports said.
$5 billion in unreported debts have been disclosed by NMC Health and Finablr as part of an ongoing investigation into the UAE’s largest private healthcare provider. Earlier this year NMC disclosed the debts, leading to its collapse and and creditors placing the company into administration. As the investigation continues, reports in the Financial Times say evidence of forged documents and invoice fraud have surfaced, with pharmaceuticals company Now Neopharma probing whether NMC’s debts can be traced back to false invoices related to fake medicine sales. The Financial Times cited documents that suggest the invoice fraud scheme allowed NMC to secure loans in the UAE via Neopharma.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More