Phishing Attacks and Business Email Compromise On The Rise
The 2021 cyber threat landscape was significantly more active across the board, including credit unions. In fact, 77% of organizations faced Business Email Compromise (BEC) attacks in 2021 according to a Proofpoint study (2022 State of the Phish) of more than 600 IT security professionals. BEC often includes payroll redirect, supplier invoicing fraud, and fraudulent wire instructions connected with credit union mortgage or lending departments.
Cybercriminals have gone to great lengths to commit theft or fraud by manipulating credit union executives, employees, and even business members using fake, spoofed, or doctored emails, calls, and digitally-altered recordings. The surge of business email compromise (BEC) and fraudulent instruction scams typically request large wire transfers. These urgent requests often exceed $1 million.
A significant increase in fraudsters using credit union employees’ emails to instruct staff to wire funds under the guise of paying vendors has been reported. In many instances, they appear to come from trusted vendors. Additionally, more targeted attacks against credit union staff within the mortgage department have occurred. These bad actors are spoofing internal staff emails within the credit union’s mortgage department requesting wire transfers to pay other financial institutions.
« Return to "Latest News" Go to main navigation