One-Third of Cybercrime Losses Stem From Compromised Business Email

email fraud

When criminals impersonate company executives or business partners to deceive employees into diverting funds their way, that’s business email compromise (BEC).

It is also the costliest form of cybercrime, to the tune of $2.4 billion in 2021 and accounting for fully one-third of all the money lost to cybercrime, as reported in the November edition of the “B2B Payments Fraud Tracker®” series, “The Hidden Costs of B2B Payments Fraud,” a PYMNTS and nsKnox collaboration.

Beyond the monetary costs, businesses that fall victim to BEC must also cope with reputational damage if the incident is publicized, as nearly 60% of the cases are attributed to company insiders who acted negligently or with malicious intent.

Misleading AP and AR Staff 

“Fraudsters seek to attack targets that lack protection or have loose controls,” nsKnox Chief Operating Officer Nithai Barzam wrote in the report. “They are adept at hacking email servers and manipulating employees into granting them access. Once they are in, they can easily mislead accounts payable or accounts receivable staff.”

As PYMNTS reported in July, BEC fraud is difficult to counter after the fact because it is technically a legitimate transaction, albeit one that a fraudster tricked an accountant into making. For example, a bad actor may pretend to be a company’s supplier and trick a company’s accounting team into paying them instead of the firm’s actual vendor.

In some versions of the BEC scheme, scammers steal employees’ personal identifiable information (PII) or tax information instead of money, which makes behavioral analytics a critical tool for mitigating further incidents of fraud that leverage this stolen data.

The increasing amount of corporate fraud and corruption that has been happening since 2020 has also been driven by the acceleration of the digital transformation and the rise of remote work, because companies raced to establish new digital channels and did not always do so with the appropriate managerial oversight and governance.

Taking Human Error Out of the Fraud Equation 

In an aim to prevent BEC and other forms of fraud, many businesses are looking to digital solutions that take human error out of the fraud equation.

In fact, 71% of businesses plan to implement digital solutions to prevent fraud and 49% say finding a better digital solution for fraud prevention is their primary fraud prevention plan.

Automation of digital identity verification, for example, offers a powerful solution that can boost companies’ satisfaction with their anti-fraud platforms.

Seeing the Results of Automated Solutions 

The experiences of firms that have already implemented digital solutions point to the improvements that can be made and the cybercrime losses that can be stemmed.

Firms with anti-fraud solutions that are proactive and automated report losing only 2.3% of their annual revenue to fraud, while firms using solutions that are reactive and manual say they lose 4.5%.

Barzam wrote in the report that, “organizations must protect all payment types using technology-driven validation of payee and account details while making sure all payment-related data and files are protected in a way that they cannot be tampered with.”

For all PYMNTS B2B coverage, subscribe to the daily B2B Newsletter.