The town of Peterborough, New Hampshire lost $2.3 million after BEC scammers redirected multiple bank transfers using forged documents sent to the town’s Finance Department staff via various email exchanges. The town doesn’t believe that the funds can be recovered by reversing the transactions, or that these losses will be covered by insurance.
<p>Most people think ransomware is completely responsible for the increased rates and lower coverages being seen in the cybersecurity insurance industry, but BEC scams are also big part, and were causing insurance industry profitability issues even before ransomware became the biggest issue. It\’s hard for this type of scam to be fixed by technology, but simply making it a policy, and testing and enforcing it, that no one takes and implement payment changes without first verifying by calling a predefined trusted phone number to the people responsible for the legitimate payments, would solve most, if not all, of these sorts of attacks. You simply cannot trust email for payment change instructions.</p>