Business, beware: Report finds surge in business email scams

“Payroll Diversions” remained a continued threat, making up 31 per cent of BEC emails, with “Request for Document” scams decreasing in popularity yet still remaining active at 2 per cent.

In 2024, BEC scams made upwards of $2 billion in adjustments, with the report, which was published last week, emphasising the changing nature of scams and the new strategies cyber criminals are employing, driving these numbers.

Unsurprisingly, AI-driven BEC scams have “exploded” in recent years, with large language model chatbots being able to generate increasingly believable and convincing content.

Found in both AI- and human-made BEC communications, the report emphasised the increasing length of messages, saying that longer content is becoming more rampant and complex.

“Traditional BEC spam is characterised as short, concise, and straight to the point, written in one to three sentences with no link or attachment,” the report said.

“This is still the norm, but we are now seeing more BEC emails that have longer message bodies.

VIEW ALL

“Cyber criminals take different approaches to crafting longer emails; however, all have the goal of making their emails appear authentic and urgent to the recipients.”

LevelBlue advises that for businesses to safeguard themselves from BEC, measures should be purposefully taken to avoid becoming a vulnerable target to an attack.

Following the report findings, LevelBlue highlights security training, financial process control and authentication, and identity access management as the key strategies that should be adopted to prevent a BEC attack.

The full report findings are available here.