Business Email Compromises Are a Critical Threat and Increasing

With an average cost to businesses of $5 million per breach, it’s no surprise that the FBI has named business email compromise (BEC) as a critical multibillion-dollar scam. 

Earlier this month, a prominent email security firm reported an 81% increase in BEC attacks between the first and second half of 2022. And the truly shocking part is that those attack emails were opened at a median rate of 28%.

BEC attacks are different from typical phishing emails that we thwart daily. With BEC, scammers attack their target companies by impersonating employees at a third-party company that the target company does business with. Unfortunately, the employees are much more likely to trust an email sender from a known vendor or supplier. Read more about some real-world BEC scams here.
 

What can you do?

• Take your annual “FIT Is Cybersafe” training. Please refer to the email (via General Announcements) from Cynthia Glass and Roberta Elins that was sent Monday, January 30, about taking this training during your workday. Remember: Adjunct classroom faculty are compensated for completing this training. The training is 30 minutes long and you can stop and start the training as many times as you need until it is completed. You have until the end of the spring semester to complete this training. Please note that this training is referred to in Section V of FIT’s Information Security Policy.

Please log in here to begin.

• Report suspicious email to us. If you believe you have received a phishing email, please report it in one of three ways:

  • Report it to Google with the “report a phish” button. Learn how here.

  • Forward the email to [email protected] and we will investigate.

  • Open a ticket at techhelp.fitnyc.edu.