HARTFORD, Conn.–(BUSINESS WIRE)–U.S. small businesses report an increase in suspicious emails over the past year, a cyber survey by HSB shows, and employees are taking the bait as they fall for phishing schemes and transfer tens of thousands of dollars in company funds into fraudulent accounts.
“Whether it’s a phishing scheme, fraud or malware, most cyber-attacks start with an email,” said Timothy Zeilman, vice president for HSB, part of Munich Re. “Even companies that have information security training and fairly savvy employees fall victim to these deceptions.”
Over half of business executives (58 percent) polled by Zogby Analytics for HSB, a leading provider of cyber insurance and services, said suspicious emails had increased in the past year.
More than a third (37 percent) of the organizations received an email from someone pretending to be a senior manager or vendor requesting payments.
Almost half of employees receiving those emails (47 percent) responded by transferring company funds, resulting in losses most often in the $50,000 to $100,000 range (37 percent) and rarely less than $10,000 (only 11 percent).
The scam is convincing because cyber thieves in many cases gain access to business email accounts and assume the false identities of company managers.
With millions of Americans working remotely from home since the outbreak of the coronavirus, business email schemes could become an even bigger threat, Zeilman said.
“It’s more important than ever to pay attention to safe cyber security practices and make sure you verify requests for payments,” he said. “Don’t rely on email alone – call the person and confirm the payment is legitimate before releasing any funds.”