Business Email Compromise (BEC): A Growing Threat
Business Email Compromise (BEC) is a significant issue for companies, where hackers steal login details from supplier or vendor organizations to issue fake invoices or change bank detail requests. This scam was notably used by a Lithuanian hacker to trick Facebook and Google into handing over $172 million between 2013 and 2015.
The hacker, Evaldas Rimasauskas, sent fake invoices to employees of these tech giants, appearing to be from a major Taiwanese hardware maker, a business partner of both companies. The invoices and bank change requests come from legitimate email addresses and often include a prior email trail of messages, creating a false sense of security.
While Google and Facebook managed to recover their losses, with Rimasauskas currently serving a five-year prison sentence, BEC remains a serious threat to the corporate sector, according to Australian secure payments data platform Eftsure.
Eftsure's Role in Combating BEC
Eftsure's technology verifies supplier bank account details and other compliance information before a payment is made. According to co-founder and CEO Mike Kontorovich, BEC attacks are becoming more sophisticated, with hackers targeting the supply chain to infiltrate corporate systems.
"What we are seeing is that a big company’s partner may get their system hacked and then the cybercriminals send invoices and emails that are valid," he said.
"The banks leave the accountability to their customers, so at the corporate level where you are paying a lot of people you wouldn’t pick up a fraudulent account immediately," he said.
"Our financial controls aren’t quite there yet, even though digital payments are everywhere."
Eftsure has a joint business relationship with PwC Australia through the professional services firm’s Align program.
"We look at technology from upcoming companies and introduce them to our larger clients," PwC partner Ross Thorpe said.
"Eftsure is solving a big problem for a number of our clients. Using crowd-sourcing as part of the solution is a great idea."
Author: Supratim Adhikari, Technology Editor at The Australian
First published in The Australian on 11th February 2020
