FBI Reports Rise in Business Email Compromise Attacks on Government Entities
The FBI has reported an increase in the number of business email compromise attacks targeted at state, local, tribal and territorial government entities.
From 2018 through 2020, cybercriminals increasingly targeted victims using spoofed emails, phishing attacks, compromised vendor accounts and credential harvesting for financial gain, the FBI said in a Private Industry Notification report.
The FBI attributed the increase in attacks to how easy BEC schemes are to operate, combined with the rapid adoption of ad-hoc teleworking environments.
Criminals are also able to tailor their attacks more effectively because of the amount of publicly available information on leadership, vendor relationships and associated contractors required by government entities, the FBI added.
The boom in telework during the coronavirus pandemic also increased the use of potentially vulnerable services such as virtual private networks and other remote support tools, the bureau said.
The FBI’s Internet Crime Complaint Center noted that BEC actors are becoming more sophisticated and capable of adapting to current events.
In 2020, the Cybersecurity and Infrastructure Security Agency conducted 25 phishing campaign assessments of state, local, tribal and government entities.
CISA reported 5,500 unique clicks of “malicious links” out of the more than 40,000 emails sent during the test, constituting a 13.6 percent click rate.
The FBI recommended that employees be educated about BEC scams and strategies for identifying phishing emails and responding to suspected compromises.
One way to spot phishing attempts is to be wary of unexplained urgency regarding payment requests. Another is to look for grammar and spelling errors in emails, according to the FBI.
The bureau also recommended that information technology administrators consider conducting internal phishing campaign exercises to raise awareness.