City of Baltimore Loses Over $1.5M to BEC Attack, a Low-Tech But High-Impact Scam

  • The city of Baltimore lost more than US$1.5 million as a result of a business email compromise (BEC) attack in early 2025.
  • The attacks occurred despite internal controls being put in place after similar attacks in 2019 and 2022.
  • BEC attacks are on the rise: it is not a question of if, but when, this will happen to your organization. Unless, of course, you protect yourself.
  • Although they are difficult to block with sophisticated security tools, these attacks can be prevented by simple but effective methods.

The city of Baltimore in Maryland, USA, lost more than US$1.5 million at the beginning of this year after a fraudster diverted to their own account a payment intended for one of the city's authorized vendors.

According to an August 27 report from the Baltimore Office of the Inspector General, the scam took place between February and March of this year.

Image: the report on the City of Baltimore's 2025 BEC attack.

The actual attack began in December 2024, when the fraudster submitted a supplier contact form to the city, posing as an employee of one of its suppliers.

Although the fraudster used an email address that was not issued by the supplier, city employees did not verify this information (typical city employees …?).

The employees then added the fraudster to the supplier's Workday account, a platform used for invoicing by the city's suppliers.

With access to the Workday account, the fraudster replaced the vendor's bank account with their own. In the end, they were able to take US$803,384.44 from the city in February and US$721,236.60 the following month.

But here is the kicker: this is not the first time the city has lost money to a scam.

The city of Baltimore had already lost US$62,377.50 in 2019 and an additional US$376,213.10 in 2021 in similar incidents.

Although internal controls were established after these incidents, this year's scam showed that city employees did not use them, which allowed the attacks to succeed.

The growing risk of BEC attacks

The Baltimore fraud is just one of a growing number of business email compromise (BEC) attacks around the world.

A BEC attack can occur when a fraudster impersonates a trusted party (for example, an employee of a supplier) and convinces the victim's employees to give them access to confidential data or, as in the Baltimore case, to a supplier account.

According to The SSL Store, US businesses alone lost more than US$2.9 billion to this type of attack in 2023.

Image: BEC attacks rising in the United States, via The SSL Store.

The figures can only grow as the methods become more sophisticated.

One of the biggest factors that could contribute to the growth of these attacks is AI. It can be used in various forms, including the following:

  • Writing an email that imitates the writing style of particular managers. This can deceive the recipient into thinking that the email is genuine.
  • Voice cloning and video deepfakes can take fraud to the next level by faking a person's voice and face.
  • AI chatbots that pose as colleagues. This can help scammers convince an employee to disclose confidential information.

Of course, there are also these tried-and-tested BEC attack tools:

  • Emails that spoof a legitimate email address may convince the recipient that the message is legitimate.
  • Fraudsters can also use fake domains to make emails and phishing sites look more convincing.
  • Telephone numbers can also be spoofed to make it appear that a trusted person or entity is calling.

Then there is the human factor. Social engineering techniques, in which scammers deceive victims into handing over confidential information, can defeat even the most advanced technologies meant to prevent BEC attacks.

Unlike attacks that use malware or fake email addresses, social engineering attacks are much harder to block with tools such as email filters. This is what made the attack on the city of Baltimore especially effective.

Ways to protect your organization from BEC attacks

As we saw in the case of the city of Baltimore, organizations can fall victim to BEC attacks repeatedly, even with protocols in place.

These attacks are harder to block because they target the people in an organization, and not just its IT infrastructure. The good news is that there are ways to minimize the risk to your organization, including the following:

  • Verify information. The attack on Baltimore succeeded because city employees did not check the fraudster's email address. To prevent this, you can require at least two employees to verify the information and to contact the supplier or partner to confirm that they really made the request to change their information.
  • Conduct regular security training. This can help your employees look carefully at details such as misspelled email addresses and websites. Running simulated attacks can also make them more aware of these scams.
  • Control who can approve payments and change information. Make sure that only authorized personnel can do these things, especially for large payments.
  • Report incidents immediately. If a BEC attack occurs, inform your bank and the police right away. This will increase your chances of freezing and recovering the stolen funds.
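
The first and third measures can be enforced as an automated gate in front of any change to a supplier's bank details. The sketch below is an added example, not code from the article, the city or Workday; the record fields, the 0.8 similarity threshold and the sample data are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from difflib import SequenceMatcher

@dataclass
class Vendor:                        # hypothetical accounts-payable master record
    name: str
    email_domains: set               # domains the vendor itself issued

@dataclass
class BankChangeRequest:             # hypothetical change-request record
    requester_email: str
    entered_by: str                  # employee who keyed the change
    approvers: set = field(default_factory=set)
    callback_confirmed: bool = False # vendor reached on the phone number on file

def domain_of(email: str) -> str:
    return email.rsplit("@", 1)[-1].strip().lower()

def is_lookalike(domain: str, known: set, threshold: float = 0.8) -> bool:
    """True when an unknown domain closely resembles a known vendor domain."""
    return any(SequenceMatcher(None, domain, k).ratio() >= threshold for k in known)

def review_bank_change(req: BankChangeRequest, vendor: Vendor) -> list:
    """Return blocking findings; an empty list means the change may proceed."""
    findings = []
    domain = domain_of(req.requester_email)
    if domain not in vendor.email_domains:
        lookalike = is_lookalike(domain, vendor.email_domains)
        kind = "a lookalike of a vendor domain" if lookalike else "not issued by the vendor"
        findings.append(f"requester domain {domain} is {kind}")
    # Dual control: the person who entered the change cannot approve it.
    if len(req.approvers - {req.entered_by}) < 2:
        findings.append("fewer than two independent approvers")
    if not req.callback_confirmed:
        findings.append("no callback to the vendor's number on file")
    return findings

# Constructed sample data, not taken from the Baltimore report.
vendor = Vendor("Example Paving Co", {"examplepaving.example"})
suspicious = BankChangeRequest("ap.clerk@examp1epaving.example", "alice", {"alice"})
verified = BankChangeRequest("billing@examplepaving.example", "alice",
                             {"bob", "carol"}, callback_confirmed=True)

if __name__ == "__main__":
    for label, req in (("suspicious", suspicious), ("verified", verified)):
        print(label, review_bank_change(req, vendor) or "OK")
```

The gate only blocks; the callback itself still has to go to a phone number that was on file before the request arrived, never to one supplied in the request.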

BEC attacks are inevitable, but preventable

When it comes to BEC attacks, it is not a question of whether, but when, one will happen to you. Despite being less technologically advanced than other cyberattacks, BEC attacks are very effective because they exploit your employees, not your IT infrastructure.

These attacks will continue to evolve, so it is important to always stay a few steps ahead of potential fraud.

Regularly training your employees, verifying information and transactions, and strictly controlling who can approve payments are just a few ways to do this.
