Gwinnett County Public Schools

What is a Business Email Compromise (BEC) Attack?

A BEC attack is email fraud aimed at an organization, typically for financial gain. Its purpose is to trick employees into taking actions that benefit the attacker, such as transferring funds, sharing sensitive information, or granting access to internal systems.

BEC attacks rely on social engineering rather than malware. The attacker impersonates a trusted figure, such as the Superintendent, a principal, a co-worker, or a business partner, so that an urgent request looks legitimate and the victim acts on it without checking.

What types of BEC Attacks have we seen targeting GCPS?

  1. iTunes Gift Card Attack
    In this scam, the victim receives a fraudulent email impersonating their principal or supervisor and requesting the purchase of iTunes gift cards for a fictitious event. The email creates a sense of urgency, stating, "I need this done immediately, but I’m in a meeting and unavailable until tomorrow." After the victim buys the cards, they're asked to send back the 16-digit codes, which gives the fraudster full access to the cards' value; the physical cards never need to change hands.
     
  2. Wire Transfer Attack
    In this scam, the victim receives an email impersonating a trusted business partner or vendor. The email claims an invoice is outstanding and informs the victim that the partner's banking details have changed. The victim is then instructed to wire funds to what they believe is the legitimate partner's account, only to discover later that the money went to an account controlled by cybercriminals.
     
  3. Payroll Redirection Attack
    In this scam, the attacker poses as a legitimate employee and sends a seemingly routine email to the payroll department requesting a change to their direct deposit information. The email is often written to sound urgent so that the change is processed without verification. Once the payroll department updates the banking details, future deposits go to the attacker's account, and the real employee typically discovers the theft only when a paycheck fails to arrive.

How can I protect myself and the school district from BEC scams?

  • Scrutinize every email that requests a financial transaction, a change to banking details, or sensitive information. Verify such requests in person or by phone using a number you already have on file, never a number or reply address supplied in the email itself.
  • Be particularly cautious of emails that claim to come from district leadership but are sent from external domains such as @gmail.com, @yahoo.com, or @onmicrosoft.com. A leadership name on the display line paired with an outside sender address is a common sign of a phishing attempt designed to exploit trust and get around our security controls.
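The red flags in the two bullets above can be checked mechanically before a person ever reads the message. The script below is an added example, not code from GCPS or from this page: it parses a few constructed sample messages, flags a leadership display name on a non-district sender address, free-mail or default-tenant (*.onmicrosoft.com) domains, a Reply-To that differs from the visible sender, and urgency language combined with a gift-card, wire, or direct-deposit request. The trusted domain `district.example`, the leadership roster, and all three messages are assumptions made up for illustration.

```python
"""Triage e-mail headers for the BEC red flags described above.

Added example, not code from the GCPS page. The leadership roster, the
trusted domain and the three sample messages are constructed for
illustration; a real deployment would pull them from the directory.
"""
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed data (hypothetical): your roster and domain come from HR / the directory.
TRUSTED_DOMAINS = {"district.example"}
LEADERSHIP = {"jane doe": "Principal", "sam roe": "Superintendent"}

# Consumer domains the page calls out as red flags on a "leadership" sender.
FREEMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}

# Urgency phrasing and the financial lures used by the three scams above.
URGENCY = re.compile(r"\b(immediately|urgent(ly)?|asap|right away|in a meeting|unavailable)\b", re.I)
LURE = re.compile(r"\b(gift cards?|itunes|wire|invoice|bank(ing)? details|direct deposit|routing number)\b", re.I)


def domain_of(addr: str) -> str:
    """Return the lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""


def is_freemail(domain: str) -> bool:
    # *.onmicrosoft.com is the default tenant domain any Microsoft 365 signup gets,
    # so it is as cheap for an attacker to obtain as a Gmail address.
    return domain in FREEMAIL or domain.endswith(".onmicrosoft.com")


def analyze(raw: str) -> list[str]:
    """Return the list of red-flag tags found in one RFC 822 message."""
    msg = message_from_string(raw)
    display, sender = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    from_dom, reply_dom = domain_of(sender), domain_of(reply_to)
    flags = []

    # 1. A leadership name on the display line, but the mail did not come from us.
    if display.strip().lower() in LEADERSHIP and from_dom not in TRUSTED_DOMAINS:
        flags.append("leadership-name-external-domain")
    # 2. Free-mail or default-tenant domains on the sender or on the reply path.
    if is_freemail(from_dom):
        flags.append("freemail-sender")
    if reply_dom and is_freemail(reply_dom):
        flags.append("freemail-reply-to")
    # 3. Replies silently routed somewhere other than the visible sender.
    if reply_dom and reply_dom != from_dom:
        flags.append("reply-to-mismatch")
    # 4. Urgency plus a money or banking request, the core of all three scams.
    text = msg.get("Subject", "") + "\n" + msg.get_payload()
    if URGENCY.search(text) and LURE.search(text):
        flags.append("urgent-financial-request")
    return flags


# Constructed sample messages (not real GCPS mail).
SAMPLES = [
    # Gift-card lure sent from a look-alike Gmail account.
    "From: Jane Doe <principal.janedoe@gmail.com>\n"
    "To: staff@district.example\n"
    "Subject: Quick favor\n\n"
    "I need this done immediately, but I'm in a meeting and unavailable until tomorrow. "
    "Please buy four iTunes gift cards and send me the codes.\n",
    # Payroll redirection: internal-looking From, replies go to a default tenant domain.
    "From: Bob Lee <bob.lee@district.example>\n"
    "Reply-To: Bob Lee <bob.lee@contoso.onmicrosoft.com>\n"
    "Subject: Direct deposit change\n\n"
    "Urgent: please update my direct deposit to the new routing number below before Friday.\n",
    # Ordinary internal mail; should raise nothing.
    "From: Jane Doe <jdoe@district.example>\n"
    "Subject: Staff meeting agenda\n\n"
    "Agenda attached for Thursday's meeting.\n",
]


def triage(messages: list[str]) -> dict[int, list[str]]:
    """Map each message index to its red flags; an empty list means nothing fired."""
    return {i: analyze(m) for i, m in enumerate(messages)}


if __name__ == "__main__":
    for i, flags in triage(SAMPLES).items():
        print(i, "REPORT" if flags else "ok", flags)
```

Two caveats a practitioner should keep in mind: the display-name check only catches impersonation of names on the roster, and a message that raises no flags still has to be verified out of band if it asks for money or banking changes. The script is a triage aid for the person reviewing reports, not a replacement for the "Report Phish" button.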

Always remember:

  • Do not click on suspicious or unexpected links or attachments.
  • Never share your username, password, or MFA information.
  • Use the “Report Phish” button in Outlook to report suspicious emails.
  • Delete suspicious emails from your Inbox, and remove them from your Deleted Items folder as well.