BEC attacks increased 15% quarter-over-quarter, driven by an explosion in invoice and payment fraud, Abnormal Security research reveals.
“As the industry’s only measure of BEC attack volume by industry, our quarterly BEC research is important for CISOs to prepare and stay ahead of attackers,” said Evan Reiser, CEO of Abnormal Security.
“Not only are BEC campaigns continuing to increase overall, they are rising in 75% of industries that we track. Since these attacks are targeted and sophisticated, these increases could indicate an ability for threat actors to scale that may overwhelm some businesses.”
For this research, BEC campaigns across eight major industries were tracked, including retail/consumer goods and manufacturing, technology, energy/infrastructure, services, medical, media/tv, finance and hospitality.
Growth by industry
During Q3, BEC campaign volume increased in six out of eight industries, with energy/infrastructure seeing the highest jump of 93% from Q2 to Q3. Retail/consumer goods and manufacturing, technology and media received the highest volume of attacks during the quarter.
During Q3, attackers continued to focus primarily on invoice and payment fraud, which increased 155% from Q2 to Q3. This trend was particularly notable in retail/consumer goods and manufacturing.
Threat actors continue to target invoice and payment fraud BEC attacks at finance departments, which increased by 54% on average per week from Q2 to Q3. In addition, attackers shifted tactics by increasing email attacks to group mailboxes by 212%.
Additional findings
- While credential-phishing COVID-19 related attacks decreased by 82%, invoice and payment fraud that continues to leverage the fear, uncertainty and doubt of the pandemic increased by 81%.
- The most impersonated brands returned to the pre-pandemic “normal,” as Zoom dropped away from the top spot, replaced by DHL and followed by Dropbox and Amazon. Rounding out the top five were iCloud and LinkedIn.