Cybercriminals are targeting organizations that use cloud-based email services to conduct business email compromise, or BEC, scams, the NCUA warned credit unions in a regulatory alert on Tuesday.
One of the most effective types of BEC scams is initiated through phishing emails designed to steal email account credentials, according to the alert. Cybercriminals use phishing kits that impersonate popular cloud-based email services, and many phishing kits identify the email service associated with each set of compromised credentials, allowing the cybercriminal to target victims using cloud-based services.
After compromising victim email accounts, cybercriminals analyze the accounts' content for evidence of financial transactions. Further, the actors often configure mailbox rules on a compromised account to delete key messages. They may also enable automatic forwarding to an outside email account, according to the alert.
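A defender's check for the two mailbox changes described above, as an added example that is not part of the alert or this article: it scans an exported list of mailbox rules for deletion actions and for forwarding to addresses outside the organization. The rule schema, the domain and keyword lists, and the sample records are assumptions constructed for illustration.

```python
# Assumptions (not from the alert): the rule schema, the domain list and the keyword list.
INTERNAL_DOMAINS = {"example.org"}
FINANCE_KEYWORDS = ("invoice", "wire", "payment")

def is_external(address, internal_domains=INTERNAL_DOMAINS):
    """True when the address's domain is not one the organization owns."""
    domain = address.rsplit("@", 1)[-1].strip().lower()
    return domain not in internal_domains

def audit_rule(rule):
    """Return a list of finding strings for one rule; empty means nothing flagged."""
    if not rule.get("enabled", True):
        return []
    findings = []
    actions = rule.get("actions", {})
    targets = actions.get("forward_to", []) + actions.get("redirect_to", [])
    external = sorted(t for t in targets if is_external(t))
    if external:
        findings.append("forwards outside the organization: " + ", ".join(external))
    if actions.get("delete"):
        words = [w.lower() for w in rule.get("conditions", {}).get("subject_contains", [])]
        hits = sorted(k for k in FINANCE_KEYWORDS if any(k in w for w in words))
        detail = " matching finance terms " + str(hits) if hits else ""
        findings.append("deletes incoming mail" + detail)
    return findings

def audit_mailboxes(rules):
    """Map 'mailbox / rule name' to its findings, skipping clean rules."""
    report = {}
    for rule in rules:
        findings = audit_rule(rule)
        if findings:
            report[f"{rule['mailbox']} / {rule['name']}"] = findings
    return report

# Constructed sample export, not real data.
SAMPLE_RULES = [
    {"mailbox": "cfo@example.org", "name": ".", "enabled": True,
     "conditions": {"subject_contains": ["Wire", "Invoice"]}, "actions": {"delete": True}},
    {"mailbox": "ap@example.org", "name": "sync", "enabled": True,
     "conditions": {}, "actions": {"forward_to": ["archive@example.net"]}},
    {"mailbox": "teller@example.org", "name": "Newsletters", "enabled": True,
     "conditions": {"subject_contains": ["digest"]}, "actions": {"forward_to": ["teller2@example.org"]}},
]

if __name__ == "__main__":
    for key, findings in audit_mailboxes(SAMPLE_RULES).items():
        print(key, "->", "; ".join(findings))
```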
The alert stated that credit unions can take steps to prevent BEC fraud and should report any incidents of fraud immediately to the FBI’s Internet Crime Complaint Center and local FBI field office. Reporting incidents to the Internet Crime Complaint Center within 24 hours increases the chances of recovery for funds wired under fraudulent pretenses, the alert stated.
Access the full alert, which outlines specific ways credit unions can prevent BEC scams, prevent wire transfer fraud, and report and recover funds from BEC fraud, on the NCUA website. Additional information about preventing BEC scams can also be found on the FBI’s website.