BEC Scammers Turn to Aging Reports in New Twist

Written by

Security experts are warning of a new tactic used by BEC attackers, as new stats reveal that businesses on average receive five scams each month.

The latest technique involves scammers impersonating CEOs, not to demand a fund transfer but instead a list of customers who owe the company money, according to Agari threat researcher James Linton.

This “aging report” or “schedule of accounts receivable” is held by every accounting department as an essential way to manage unpaid invoices and credit memos.

However, if the victim falls for the scam and hands the list over to the attacker, they’re unwittingly providing them with a valuable piece of intelligence.

Once the aging report has been received, the scammer typically asks for email addresses of all the customers on it. They can then email these companies pretending to be a member of the finance team requesting the outstanding balance listed on the report be paid, explained Linton.

“The scammers will likely offer incentives for them to resolve their ‘debts’ more quickly, such as reducing the amount they owe if they settle their outstanding balance immediately,” he said.

“The actor is then only left to inform the payee that there has been a recent change of banking details and provide them with updated account information for an account controlled by the criminals.”

He warned that this type of scam is arguably more disruptive than a regular BEC attack because it requires the affected company to contact all their customers to warn of a potential threat.

The news comes as new figures emerged from Symantec revealing that an average of 6029 organizations were targeted by BEC emails each month during the past 12 months.

The top five countries targeted were the US (39%), the UK (26%), Australia (11%), Belgium (3%) and Germany (3%).

What’s hot on Infosecurity Magazine?