Phishing and business-email-compromise (BEC) schemes are on the rise, causing losses in the $50,000 to $100,000 range to small businesses across the United States. More than a third of organizations said they received an email from someone pretending to be a senior manager or business partner.
New research from German insurer HSB reveals an increase in suspicious emails targeting small businesses across the United States over the past year. According to the study, employees nation-wide are falling for phishing schemes asking them to transfer tens of thousands of dollars in company funds into fraudulent accounts.
Emails impersonate senior managers and/or partners
58% of business executives polled by Zogby Analytics for HSB said suspicious emails had increased in the past year. More than a third of the polled organizations received an email from someone pretending to be a senior manager or vendor requesting payments.
In a key finding, almost half of employees receiving fraudulent emails took the bait and responded by transferring company funds, resulting in losses most often in the $50,000 to $100,000 range (37 percent) and rarely less than $10,000 (only 11 percent).
The study doesn’t quantify potential loss of business resulted from reputation damage, diminished customer trust, and other dents left in the wake of a typical cyber incident. History has shown that these hidden costs appear later down the line and are often much greater than the initial damage.
“The scam is convincing because cyber thieves in many cases gain access to business email accounts and assume the false identities of company managers. With millions of Americans working remotely from home since the outbreak of the coronavirus, business email schemes could become an even bigger threat,” said Timothy Zeilman, HSB Vice President.
Zeilman cautions that now it’s more important than ever to employ good cybersecurity practices and thoroughly vet requests for payments.
“Don’t rely on email alone – call the person and confirm the payment is legitimate before releasing any funds,” the VP stressed.
How to keep your small office safe from fraudsters
Bitdefender Small Office Security caters to small businesses everywhere by providing a single management console that IT admins can deploy in minutes and get centralized control of up to 20 Windows, Android, macOS or iOS devices. It helps prevent data loss, thwarts hackers and malware, and secures transactions by processing your payments in a dedicated browser to prevent fraud and financial data theft. Bitdefender engineers are on call 24/7 and are easy to reach by email, phone or chat whenever your office needs help with security matters. Management of all connected devices can be done from the Bitdefender Central platform by your IT admin – no super cyberskills required. Learn more at https://www.bitdefender.com/solutions/small-office-security.html.
*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Filip Truta. Read the original post at: https://hotforsecurity.bitdefender.com/blog/a-single-phishing-email-can-cost-a-small-business-100k-heres-how-to-protect-your-office-against-fraud-23138.html