Staying safe while working online continues to be a major concern for cyber security professionals. Business Email Compromise (BEC) and Email Account Compromise (EAC) continue to sit atop the list of most prevalent methods used by cyber criminals to gain access to your financial information.

In 2019, the FBI’s Internet Crime Complaint Center (IC3) received approximately 467,361 cyber crime submissions, with the total monetary loss approaching $3.5 billion dollars. Almost half of that amount, $1.77 billion, was attributed to BEC/EAC attacks.

‘By Victim Loss’, by Zelkja Zorz, Managing Editor, Help Net Security

While the financial loss and rate of these attacks is alarming, some victims have been able to get their money back. Last year, the IC3’s Recovery Asset Team and FBI were able to work in tandem to freeze bank accounts involved in BEC/EAC scams, restore funds, and sometimes even identify the scammer.

In addition to the BEC/EAC scams, Phishing/Vishhing/Smishing/Pharming and Personal Data Breach were some of the most frequently reported scams in 2019.

A growing trend related to these scams is Elder fraud. Elderly users are bombarded with tech support impersonation schemes, wire transfer schemes, and other phishing schemes aimed at gaining access to their personal information. Victims over the age of 60 are heavily targeted because thy are seen as having significant financial resources, are more susceptible to internet schemes, and are less likely to report fraud. If successful, the cyber criminal will continue to victimize the same user without their knowledge.

These findings solidify the need to exercise caution while navigating emails and working online. Recipients should not open any messages or attachments from senders they are not familiar with. If a user is unsure if a message is legitimate, we recommended that the user contact the sender via a second form of communication to verify its authenticity.

Plummer Slade offers and implements Microsoft Office 365 Advanced Threat Protection (ATP), as well as KnowBe4 Internet Security Awareness Training. Both products are designed to minimize these vulnerabilities while working within email.

For more information regarding email security, Microsoft Office 365 ATP, or KnowBe4 Training, please contact Plummer Slade at 412-261-5600 or email