Cyber criminals are exploiting publicly available information and weaknesses in corporate email systems to trick small businesses into transferring large sums of money into fraudulent bank accounts, in schemes known as “corporate account takeover” or “business email fraud.”
Companies across the globe lost more than $1 billion from October 2013 through June 2015 as a result of such schemes, according to the Federal Bureau of Investigation. The estimates include complaints from businesses in 64 countries, though most come from U.S. firms. Both “organized crime groups from overseas and domestic-based actors” are typical perpetrators, said Patrick Fallon, a section chief in the FBI’s Criminal Investigative Division.