Corporations are increasingly falling victim to email phishing scams, where scammers pose as company executives and send fraudulent internal emails asking for cash. The FBI reports the number of this type of cyberattack has grown 1,300 percent since January 2015, resulting in $3.1 billion in losses across the world, according to The Wall Street Journal.
In the past three years in the U.S., more than 14,000 phishing victims alerted the FBI's InternetCrimeComplaintCenter. During that time, companies lost more than $960 million to such scams, according to the report.
These organizations run the gamut in terms of size, sector and industry.
"I'm absolutely not surprised by those numbers," Alex Garcia-Tobar, CEO of email authentication startup ValiMail, told WSJ. "It's child's play. An eight year old can send emails as anyone they want to be."
Phishing scams, sometimes called whaling, appear to be successful because they are targeted attacks, and hackers often take time to study a leader's language and communication patterns and emulates that when sending an email to their target.
What's more, these emails can often slip through email spam filters because they generally don't contain detectable viruses or bugs, Mr. Garcia-Tobar told WSJ.
To avoid phishing scams, experts suggest examining emails and headers when receiving suspicious emails — especially those asking for money — even when the sender appears to be a company leader. Additionally, the FBI suggests companies avoid using free web-based email accounts.
More articles on cybersecurity:
Healthcare is a win-win target for hackers
What the immune system can teach us about cybersecurity
NFL cybersecurity woes continue: Hackers infiltrate Twitter account, say Commissioner Roger Goodell died