In line with trends in the US, the number of Australian victims to business email compromise (BEC) fraud is on the rise.There were 243 victims of BEC fraud in the first quarter of 2016-2017 Australian financial year, according to figures in a new report on organised crime by the Australian Criminal Intelligence Commission (ACIC).There were 749 cases reported in 2015-2016, the first full financial year that ACORN collected data on BEC fraud. The new numbers suggest victim numbers are on the rise.ACIC didn’t report the value of losses, however the FBI says BEC fraud has grown into a multibillion dollar threat, affecting tens of thousands of firms around the world. BEC is a type of phishing that usually involves tricking a target into wiring funds to a fraudster’s account. Fraudsters adopt multiple identifies, ranging from the CEO or CFO of a company, to suppliers, a lawyer or any other identity a victim might expect to communicate with in the course of normal business. Over time they’ll convince the victim to wire funds that would normally be paid to a supplier. Often the attackers compromise a target’s email to study patterns of behavior. It’s considered a low-tech but sophisticated crime as it relies on highly targeted social engineering without necessarily compromising a victim’s network. The FBI estimates BEC fraudsters have attempted to scam $5.3bn from organizations since 2013. Over 40,000 organizations from 132 nations have been targeted, though actual losses are less than $5.3bn.Last August Brisbane City Council lost $450,000 to BEC fraudsters after making nine transfers it believed were payments to a professional services supplier.Facebook and Google were reportedly the victims of a BEC scammer who’d cheated both firms of $100m over two years, posing as Taiwanese hardware maker Quanta Computer.ACIC’s report classifies BEC fraud as one of the main components of cybercrime, itself one of several serious financial crimes along with card fraud, investment fraud, tax fraud, and superannuation fraud.The report also identified encryption and encrypted messaging apps as a key enabler of organized crime. Related content news UK Cyber Security Council CEO reflects on a year of progress Professor Simon Hepburn sits down with broadcaster ITN to discuss Council’s work around cybersecurity professional standards, careers and learning, and outreach and diversity. By Michael Hill Sep 27, 2023 3 mins Government Government Government news FIDO Alliance certifies security of edge nodes, IoT devices Certification demonstrates that products are at low risk of cyberthreats and will interoperate securely. By Michael Hill Sep 27, 2023 3 mins Certifications Internet Security Security Hardware news analysis Web app, API attacks surge as cybercriminals target financial services The financial services sector has also experienced an increase in Layer 3 and Layer 4 DDoS attacks. By Michael Hill Sep 27, 2023 6 mins Financial Services Industry Cyberattacks Application Security news Immersive Labs adds custom 'workforce exercising' for each organizational role With the new workforce exercising capability, CISOs will be able to see each role’s cybersecurity readiness, risk areas, and exercise progress. By Shweta Sharma Sep 27, 2023 3 mins Security Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe