“The sophistication of fraud has increased, in part through greater collaboration among bad actors, including the exchange of stolen data, new techniques, and expertise on the dark web.” (McKinsey)
With corporate payments fraud hitting record levels and cybercriminals becoming ever more successful with their techniques, making sure that the organization is fully aware of the plethora of threat vectors is critical to effective cybersecurity – that is, to preventing an otherwise inevitable breach and its resulting implications, such as financial losses. While cyberfraud comes in many different shapes, there are four types that every organization should be particularly aware of. Let’s take a look.
Business Email Compromise
Business Email Compromises (BEC) are a particularly prevalent and extremely damaging type of fraud, typically targeting the organization’s wire transfers to suppliers and vendors.
According to the FBI, BEC is the cause of nearly $1.5 billion in annual losses, with total worldwide losses estimated at $12.5 billion over the last 5 years.
These startling numbers make it easy to understand why a recent SEC report states that BEC attacks accounted for the highest estimated out-of-pocket losses from any class of cyber-facilitated crime during this period.
The perpetrators of BEC use sophisticated techniques to impersonate executives and vendors. They typically hack into the email servers and accounts of the individuals they target for impersonation. They then gather information about their communication habits and styles, so they can send emails in their name without raising suspicion.
Then, under the guise of the impersonated individual, they communicate with their victims, typically in the accounts payable department. Through these emails, they request that a payment be made to a new vendor or that the bank information of an existing one be changed. As a result of these efforts, employees are deceived into making payments to the cybercriminal’s fraudulent account.
BEC, as with many other types of fraud, leverages a technique known as ‘social engineering.’ This method focuses on the vulnerabilities of human beings rather than those of technology.
In fact, social engineering is often considered to be the biggest cyber threat there is today. To illustrate, only 3% of malware attacks exclusively exploit a technical flaw, with an overwhelming 97% targeting user vulnerabilities through social engineering.
This approach often involves psychological and emotional manipulations that drive users or employees to inadvertently reveal sensitive information or expose security vulnerabilities.
False invoice fraud is a very sophisticated type of fraud that focuses on exploiting supplier-side vulnerabilities. The cybercriminal monitors supplier actions so as to assume their identity when communicating with the organization. In doing so, it becomes extremely difficult to identify the engagement as fraudulent.
These hackers also often create the fake invoices by making a small change to the supplier’s account information.
One notorious example of false invoice fraud is the case of Evaldas Rimasauskas, a Lithuanian man who almost got away with defrauding Google and Facebook out of over $100 million. This infamous cybercriminal, along with his collaborators, sent fraudulent yet extremely persuasive invoices to these companies over the course of two years, requesting the transfer of these millions of dollars.
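The check below is an added example, not part of the original article and not nsKnox code. It compares the bank account on each incoming invoice with a vendor record verified out of band, which is the control that catches both the BEC request to change an existing vendor's bank information and the small change to supplier account information described above. The vendor ids, invoice ids and the two-edit threshold are assumptions; the IBANs are public documentation samples.

```python
# Added example: constructed vendor master and invoices, hypothetical names.
VERIFIED = {  # vendor id -> account verified out of band (public sample IBANs)
    "V-1001": "GB82WEST12345698765432",
    "V-1002": "DE89370400440532013000",
}

def normalise(iban):
    return "".join(iban.split()).upper()

def iban_checksum_ok(iban):
    """ISO 13616 mod-97 check: move the first 4 chars to the end, A=10..Z=35."""
    s = normalise(iban)
    if len(s) < 5 or not (s.isascii() and s.isalnum()):
        return False
    digits = "".join(str(int(c, 36)) for c in s[4:] + s[:4])
    return int(digits) % 97 == 1

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_invoice(vendor_id, invoice_iban, near=2):
    """Classify the account on an invoice against the verified record."""
    known = VERIFIED.get(vendor_id)
    if known is None:
        return "UNKNOWN_VENDOR"
    got = normalise(invoice_iban)
    if got == known:
        return "OK"
    if edit_distance(got, known) <= near:
        return "NEAR_MATCH"  # small change to a known account: hold and escalate
    return "CHANGED"         # different account: hold until verified out of band

def payments_to_hold(invoices):
    return [(inv_id, v) for inv_id, vendor, iban in invoices
            if (v := check_invoice(vendor, iban)) != "OK"]

INVOICES = [  # constructed sample data
    ("INV-1", "V-1001", "gb82 west 1234 5698 7654 32"),
    ("INV-2", "V-1001", "GB82WEST12345698765437"),  # one digit altered
    ("INV-3", "V-1002", "NL91ABNA0417164300"),      # valid IBAN, wrong account
    ("INV-4", "V-9999", "DE89370400440532013000"),  # vendor not on file
]
```

INV-3 carries a checksum-valid IBAN, so format validation alone would pass it; only the comparison with the verified record holds the payment.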
The fourth type of cyberfraud that every organization must be aware of is data manipulation, which typically involves making subtle, inconspicuous tweaks to data files.
In this case, cybercriminals will enter a corporate system to modify data records in small ways that are difficult to spot. Data manipulation is commonly, but not exclusively, executed by insiders such as employees in the IT department who are familiar with the organization’s systems and how to bypass the security measures that are in place.
A well-known data manipulation attack is the one launched in 2016 against SWIFT, the global financial network that banks use to transfer billions of dollars every day. In this case, a group of hackers exploited vulnerabilities in the systems of SWIFT member banks, compromising their legitimate access credentials. The hackers used these altered credentials to affect SWIFT funds transfer requests and divert them to other member banks which, trusting the authenticity of the messages, executed payments to accounts controlled by the attackers.
How nsKnox Helps Organizations Detect & Prevent Cyberfraud in Real Time
To combat the continued escalation in the frequency of cyberattacks and their ever-evolving methods, organizations – unfortunately – often turn to traditional means of defense that are regrettably limited in their efficacy. Namely, they mandate more controls, hire more personnel, and implement ever more awareness programs.
However, the numbers presented earlier clearly suggest that augmenting traditional approaches remains wholly insufficient. Clearly, a robust technology-driven approach is needed.
This is where nsKnox comes in, bringing a technology-driven approach to detecting and preventing corporate payments cyberfraud.
Our Global Payee Database™ is a highly secured global directory of verified businesses, with functionality to manage the registration, validation, and ongoing verification of the supplier details required for executing payments. This ensures organizations can protect their payments-related financial assets against the most commonly exploited cyberfraud vulnerabilities, which are typically concentrated on the corruption of supplier payment details.
Moreover, our TxAuthority™ solution enables a uniquely real-time, autonomous approach to securing transactions with the approved supplier and account, as well as real-time detection, alerting, and blocking of fraudulent payment attempts.