In just a few short years, Business Email Compromise (BEC) has gone from a peripheral threat to a major cyber risk for organizations. It’s making criminal gangs millions of dollars each month, hitting corporate profits and reputation in the process. Trend Micro has built a formidable array of resources over the past few years to help protect our global customers from BEC. We also recognize that to combat cybercrime effectively, we have a duty to share these resources with law enforcement agencies wherever possible.
That’s why we’ve teamed up with INTERPOL in a new awareness-raising campaign set to launch in 59 participating countries around the world this month.
BEC on the rise
Reported BEC attacks cost global firms nearly $1.3 billion in 2018, almost half of total cybercrime losses recorded by the FBI. The problem is getting worse. We detected a 58% increase in BEC attempts on customers in the first half of 2019 compared to the last six months of 2018. Some firms have been conned out of tens of millions of dollars. Among the list effected include Facebook ($99m) and Google ($23m), to name but a few.
Reports suggest BEC gangs are employing increasingly professionalized tactics, for example using commercial lead generation services to amass databases of tens of thousands of corporate executives to target. Victims need not be large enterprises either: BEC could affect SMBs, schools, non-profits — any organization that makes regular wire transfers.
It’s perhaps no surprise that BEC made such gangs over $300m each month in 2018 from US victims alone, according to the Treasury.
At Trend Micro, we have developed multiple layers of protection to help insulate our customers from the worst effects of BEC. These include our AI-powered Writing Style DNA feature that learns the writing characteristics of your executives and sounds the alarm if it spots any emails deviating from the norm. We also make it a priority to collaborate with global law enforcement agencies to raise BEC awareness among global organizations.
INTERPOL’s new campaign will launch during the Europol-Interpol Cybercrime Conference on October 9-11 and feature a series of infographics posted across Twitter, Facebook and Instagram over the succeeding weeks. Each post will tackle a new area, including:
Trend Micro will support the campaign by reposting the infographics and adding links to its own resources to further educate and raise awareness among possible BEC targets.
This is the latest in a long line of collaborative efforts between Trend Micro and INTERPOL.
Back in 2014, we signed an three year agreement to support the body with additional knowledge, resources and tactics, which has been extended through March 2021. Since then, we helped to disrupt a major $60m BEC network in a swoop that led to the arrest of its leader. In another joint operation, Trend Micro helped to identify nearly 270 websites infected with malware and 8,800 C&C servers across eight countries, which were responsible for spreading malware and spam, and launching DDoS attacks.
It’s great to see law enforcement making inroads into cybercrime gangs. Some 281 BEC suspects were recently arrested in a global crackdown. However, we know these efforts are just scratching the surface. That’s why we will continue to provide both industry leading threat protection for our customers, as well as collaborate on awareness raising and law enforcement operations. Public-private partnerships of this sort are necessary in a world in which the bad guys are often more agile and willing to team up to achieve common goals.