Business email compromise (BEC) scams continue to wreak havoc on businesses’ B2B payment workflows, but this week’s B2B Data Digest finds ransomware has once again stolen the spotlight. Analysis uncovers the stats behind one of the most prolific ransomware attacks on small to medium-sized businesses (SMBs), while reports also find millions of dollars stolen from businesses thanks to invoice and payroll scams.
6 months ago, there were fewer BEC scams in Australia’s construction sector than today, according to a new warning issued by the Australian Cyber Security Centre. The notice said that BEC scammers are targeting construction companies posing as legitimate business partners seeking payment on invoices by changing bank details on future bills. Cyber criminals may be hacking email accounts or creating new email addresses that look similar to legitimate ones of industry firms. In a statement, Michael McKinnon, chief information officer at Tesserent, told IT Wire, “Australia’s construction industry is highly vulnerable to not only BEC scams, but also for phishing and ransomware attacks.” He added, “This is a result of years of neglect in IT spending in the sector.”
800 to 1,500 small businesses have been hit by what might be the largest-ever ransomware attack, the latest reports in The Washington Post said. The result of a cyber breach at B2B software company Kaseya, the ransomware attack quickly spread to Kaseya’s business customers, though reports noted it is unclear how widespread the damage is. Many of Kaseya’s clients are themselves B2B IT providers servicing a high volume of their own business customers, meaning as many as 1 million small businesses around the world may have been affected. REvil, the ransomware crew reportedly behind the attack, is seeking $70 million in cryptocurrency payments to unlock all businesses impacted by the ransomware, though that price tag was reportedly reduced to $50 million.
$380,960 worth of fraudulent invoices were reportedly issued by New York recruiting company Healthcare Network Alliance (HCNA) in a B2B payments fraud, local news said. The scam involved the former CEO of eHealth Global Technologies, who entered the company into a contract with HCNA, owned by the CEO’s wife. Together, they reportedly conspired to issue invoices for services that were never provided, allowing the former CEO to fraudulently reduce his taxable income, reports noted.
$500,000 was reportedly stolen from an Ohio pediatrics firm, allegedly from a former employee of the company. Local reports state that the pediatrics company is accusing the former employee of manipulating payroll to pay herself extra funds, a scam only discovered once the company sent out W2 forms to employees and discovered the individual’s salary was nearly triple what it was supposed to be, reports said. A police investigation discovered the individual reportedly also forged doctor signatures on paper checks as well as misused the company’s commercial cards.
$2.2 million was reportedly stolen in a series of scams, including BEC scams, by a Texas resident who has now been arrested, ZDNet said. The individual has been sentenced to more than 7 years in jail for the frauds, which included romance scams and BEC fraud. “These morally reprehensible schemes deprive people of their hard-earned money and even their entire life savings and retirement funds, leaving humiliation and financial ruin behind,” commented U.S. Attorney Ashley Hoff. “Our office will continue to vigorously prosecute those who conspire to prey on vulnerable victims in this manner.”
$15 million was allegedly defrauded from financial services company RIA R Squared in an invoice finance scam, according to local news reports. An individual now faces a federal civil lawsuit in the District of Wyoming filed by the FinServ company, accusing the individual of falsifying documents to secure a $15 million loan to cover accounts payable costs for his business. The documents claimed the business had a $26 million outstanding invoice from the supplier, with the individual falsifying documents of his personal bank account reportedly showing sufficient funds. The event kicked off further instances of alleged fraud, reports noted.