HelpNetSecurity.com reported that “Smaller firms were hit the hardest (26% of small business fraud had a tie to the virus, as opposed to only 17% for larger companies). Presumably, their potential payouts previously fell below the radar of criminals who now, with the development of greater automation and a backdrop of expanded vulnerabilities, have broadened their sights to include targets of all sizes.” The February 19, 2021 report entitled “Business email compromise is a top concern for banks” included these survey comments:
86% of respondents from banks perceive business email compromise / authorized fraud to be the greatest risk to their business over the next 1-2 years.
21% of fraud experiences had a COVID-19 connection.
Against a multi-year trend of increasing sophistication and automation of fraud, opportunistic criminals leveraged the pandemic-driven push to remote operations to strike in a blitz offensive.
The rapid transition to a work from home (WFH) environment created exposures that outpaced structural and procedural defenses, resulting in accelerated threats and fraud loss.
No surprise since BEC has been so profitable for cybercriminals for so long!