Business Email Compromise (BEC)

Are you emailing the correct business account? Cyber-attacks come in many forms and can destroy your business if not dealt with quickly. Business email compromise (BEC) is a growing form of cyber-attack that is spreading worldwide and doing what it is intended to do.

It is an attack that is getting hard to avoid, but victims can be ready with the proper BEC knowledge, cyber security, and cyber insurance. This case study discusses how an asset management company faced a costly business email compromise attack and how cyber insurance helped them recover.

What Are Business Email Compromise (BEC) Attacks?

Business email compromise (BEC) attacks are a form of phishing attack in which attackers disguise themselves as a trusted account (someone in a senior role) and communicate with employees, customers, and suppliers. The conversation feels very professional and convincing.

Cybercriminals will either hack into corporate email accounts or create new ones that appear authentic. For example, @redasiainsurance.com might look like @redasiainsurnce.com. Did you spot the difference?

The aim is to eventually gain sensitive information or funds through business emails while putting the actual email owner in the dark. Unlike typical phishing emails that are bulk sent to millions of people, BEC attacks aim to trick specific individuals and can be even harder to detect.

In fact, 71% of organisations have experienced BEC attacks over the past year. It is one of the fastest-growing attacks of the past few years and shows no sign of stopping.

Client Background – Asset Management Company

Our client is an asset management company that invests its clients’ money in stocks, retail and various assets for the clients’ benefit. In addition, they help their clients create a valuable portfolio that will benefit them financially in the future.

They are in charge of many clients, a huge amount of sensitive data and a large amount of funds. Their business runs on trust from clients and their professional knowledge. Clients are willing to send their asset manager funds to capitalise on what the professional thinks is the best investment.

For such companies, the client’s trust is more valuable than the funds. However, if their professional email is used for a business email compromise (BEC) attack, it can ruin this trust.

Client Problem – Business Email Compromise (BEC) Attack

The business email compromise attack began when a high-level asset manager’s email was hacked. The hacker had complete control over his email without the manager even knowing. It is still not known how long the hacker had control.

Through investigation, the company found out the attacker was emailing big clients personally about a new secret stock that they must invest in. Then after the client’s reply, the attacker would send a fraudulent account number to the client for fund transfer.

The email exchanges were invisible to the manager; as far as he knew, he hadn’t messaged them, and they were not replying. If only he had known about the conversations that were taking place.

The total amount of funds added up to around 200,000 HKD. The BEC attacks and outcomes were only exposed when the manager personally called a few clients about their old stocks and future deals.

He was shocked to learn about the email conversations and the funds transferred. The manager informed the CEO and police instantly to help solve these issues. The CEO then messaged all clients not to reply to any email without verification for a few weeks.

According to the clients, the emails were trustworthy due to the ID and personal touch in the email.

How Was Cyber Insurance the Solution to the Business Email Compromise (BEC)?

After the awful discovery of the cyber-attack, they also informed their insurance company. Fortunately, they had purchased cyber insurance, which provided them with expert connections and reimbursed most costs related to the business email compromise attack.

Insurance is one of the best solutions to a sudden cyber-attack, regardless of the type and size of the attack. The insurance covers the cost of BEC investigation, informing clients, client financial loss, cyber expert services and company financial loss due to the attack.

Therefore, cyber insurance reimbursed the following costs for the asset management company:

  • Incident Response Expenses: HKD 80,000
  • Client Fund Reimbursement: HKD 200,000
  • Financial Loss: HKD 100,000
  • Cyber Security Testing (checking for the existing virus): HKD 60,000
  • Cyber Security Consultation Fees: HKD 50,000 (to prevent possible future cases)

Total Costs: HKD 490,000

Conclusion 

Business Email Compromise can be unpredictable and unrecognisable, especially when it is a hacked email instead of a near-identical email. A hacked account adds authenticity because the email comes from a trusted address, and no filter will stop it.

BEC attacks aren’t as well-known as ransomware or other forms of cybercrime but are still a serious threat to organisations of all sizes. Anyone can be a victim of such attacks, including clients, employees, suppliers and even business partners.

It’s essential to be aware of unusual requests, talking styles and off-brand patterns. A verification process for anything suspicious can save your clients and employees a significant amount.

Hence, companies should know and learn more about the different types of attacks and ensure they and their clients are protected. The best protections are high-quality cyber security, cyber-trained employees and cyber insurance.

To learn more about cyber insurance and protect your company from Business Email Compromise attacks, contact Red Asia Insurance.