Agari unveiled the results of a six-month cybersecurity study, which support claims that email is the most popular conduit used by fraudsters.
Capital call investment schemes are the latest kind of fraud that bad actors are harnessing to bilk Wall Street businesses and their customers out of $800,000 on average for each incident, according to a Wednesday (March 3) press release from the cybersecurity company.
The Agari H1 2021 Email Fraud And Identity Deception Trends Report also found that the cyber threat environment is full of credential phishing schemes and payroll diversion attacks. Meanwhile, corporate security operation centers (SOCs) are becoming inundated with “false-positive” phishing reports from staffers, the release stated.
Email security is once again the center of focus for chief information security officers (CISOs) due to continuing trends, such as telecommuting teams that were brought about by the pandemic, according to the release. Furthermore, schemers who are inspired by finances keep evolving as they discover novel methods to gain from any flaw in the money system.
“Cyber criminals have once again shifted their tactics, increasing their use of payroll diversion, targeting remote workers, and impersonating financial firms with new capital call scams looking for bigger payouts,” Agari Chief Marketing Officer Seth Knox said in the release. “While businesses have increased their use of cybersecurity defense, more needs to be done to prevent [business email compromise (BEC)] scams, prevent email identity deception, and automate the response to phishing incidents and security breaches.”
For instance, BEC actors pretend to be an insurance or investment company in emails to targets, seeking an infusion from an investor to be moved in line with an investment commitment, the release stated. The payments sought are much more than those in most wire transfer schemes due to the nature of those kinds of capital call transactions.
In addition, a 333 percent jump in payroll diversion attacks during the latter half of last year shows that BEC actors have moved back to those kinds of attacks, according to the release.
As PYMNTS previously reported, cybersecurity experts found a broad BEC attack targeting players in the COVID-19 vaccine supply chain.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More