Skip to main content
close search
site logo
Dive Brief

FBI, CISA warn of heightened risk of BEC attacks during holiday season

Authorities encouraged prompt reporting, which can help recover stolen payments.

Published Nov. 27, 2024
David Jones's headshot
Reporter
A person wearing jeans and a sweater holds a credit card over a laptop, with a blurry holiday tree in the background.
stock photo via Getty Images

Dive Brief:

  • The FBI and Cybersecurity and Infrastructure Security Agency on Tuesday warned businesses to protect themselves against cybercriminals trying to fraudulently divert payments during the holiday season.
  • Threat activity involving fraudulent third parties usually accelerates during the holiday season, the agencies said. Businesses need to be aware of emails from alleged vendors or retailers claiming to change their account numbers. 
  • Officials urged businesses and individuals that are targeted to promptly report the incidents to IC3, which has an asset recovery unit that can help intercept fraudulent payment activity and return those payments back to the victim.

Dive Insight:

The warnings come just days before the official launch of the holiday shopping season, beginning on Thanksgiving and extending through the Black Friday weekend. Retailers, many of which started the deals early, will promote extended discounts through at least Cyber Monday. 

Companies often spend the holiday season working to reconcile any outstanding payments they are owed, and also pay organizations they owe money to at the end of the year. During this period authorities say there is a heightened threat of business email compromise attacks. 

“I think that businesses should be very leery of any changes in payment information for their vendors,” said Mary Gleason, supervisory special agent at the FBI field office in Phoenix, told Cybersecurity Dive. 

The threat from these types of attacks is not only to direct businesses, but the customers of these businesses as well, according to Jerry Keely, a cybersecurity advisor in CISA’s Region 9, which includes Arizona, California, Nevada, Hawaii and some U.S. territories.  

Gleason stressed that victims of these attacks should report them immediately. A local municipality in Arizona was targeted for $5 million, however after calling the FBI and reporting the attack at IC3.gov, asset recovery was triggered and nearly all of the funds were returned. 

Authorities also warned companies to set up multifactor authentication to prevent criminals from gaining additional access to compromised systems.

Filed Under: Strategy, Threats

Editors' picks

Company Announcements

View all | Post a press release
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
Whalebone Ranks Third Straight Year Among Central Europe’s 50 Fastest-Growing Companies
From Whalebone
November 25, 2024
Editors' picks
Latest in Strategy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell