As we covered in our previous post on Business Email Compromise (BEC), scammers have developed a much more elaborate—and thus, harder to detect—system in recent years, which targets specific individuals within a company and requests funds transfers to a fraudulent account, all while the target thinks they’re performing a task directly from his or her CEO.

At the time of our original post, the FBI stated that between October 2013 and August 2015, scammers had successfully targeted over 7,000 American companies; between January 2016 and June 2016, that number had increased by an astounding 1,300%.

Since then, new statistics released by the FBI’s BEC tracking division have come to light, revealing that the scope of this problem is even greater than before—from June 2016 to December 2016, American companies lost an incredible $346,160,957 to transfer fraud.  Non-American companies lost even more, at $448,464,415.

These new figures prove the problem is getting worse.  Scammers are constantly adapting and finding ways around security measures…which means companies need to protect themselves even beyond what they think is necessary.

The FBI recommends safeguarding your company in as many ways as possible, such as utilizing secure company email servers (instead of web-based ones) and establishing two-step authentication processes—for example, requiring both a password and PIN—for company email log-ins.  A more comprehensive list of strategies is available from the United States Department of Justice’s website, www.justice.gov