That flowery email from a Nigerian Prince who can’t spell has been supplanted by a far more dangerous phish — the Business Email Compromise (“BEC”). According to the FBI, in the past two years over 8,000 businesses, small and large, have been victimized by BEC attacks for combined losses of over $1.2 billion.
What is BEC? BEC is a sophisticated hack in which a scammer (usually impersonating the boss) instructs an employee to send money or sensitive data to what appears to be a vendor or other plausible business recipient. In some cases, the hacker infiltrates the company’s email system and sends the email from a recognized address. In others, the email address has only a minor difference. BEC hackers also research social media and company websites to mimic communication styles and to reference actual company matters.
The best defense against BEC is solid HR training: require in-person confirmation of payment requests; educate personnel in cyber-security; and train employees never to deviate from normal checks and controls.
Farrow-Gillespie Heath Witter LLP provides employment law training and HR counseling for cyber-related issues, along with insurance policy review for coverage related to cyber attacks.
Liza Farrow-Gillespie, our beloved managing partner and co-founder, passed away on July 3, 2020. Liza was an extraordinary woman who was an incredibly gifted attorney and an even better person. She touched our lives in a special way and we will love and remember her always. If you would like to make a memorial gift in Liza’s honor, please contribute to the No Child in Pain Foundation for Pediatric Pain Management (of which Liza and her husband Alan were co-founders), Children’s Medical Center of Dallas, the Sarah T. Hughes Diversity Scholarships, or a charity of your choice.