A new survey by The Hartford Steam Boiler Inspection and Insurance Company (HSB), a subsidiary of reinsurance giant Munich Re, has identified a rise in losses related to fraudulent business emails in the U.S.
HSB found that 58% of business executives polled by cyber insurance and services provider Zogby Analytics said the number of suspicious emails they received had increased in the past year.
37% of organisations surveyed also said they received an email from someone pretending to be a senior manager or vendor requesting payments.
Almost half of employees receiving these emails (47%) responded by transferring company funds, which most often resulted in losses in the range of $50,000 to $100,000 (37%) and rarely less than $10,000 (11%).
“Whether it’s a phishing scheme or malware, most cyber attacks start with an email,” said Timothy Zeilman, Vice President for HSB. “Even companies that have information security training and fairly savvy employees fall victim to these deceptions.”
The FBI has estimated that global losses from Business Email Compromise schemes totalled $12.5 billion between October 2013 and May 2018, including at least $2.9 billion in the U.S.
Cyber thieves often gain access to business email accounts and assume the false identity of company managers in order to steal business funds and acquire W2 forms, Social Security numbers and other personal information.