JD Supra reported:
Whether they gain access to the targeted email account or use a spoofed email account, criminals will then send legitimate-looking messages to relevant individuals within the compromised school or at the third-party partner. These messages may request that an invoice or upcoming payment be transferred to a new account, that sensitive business information be relayed in an unsecure manner, or any of a number of similar demands. To avoid notice, criminals may use the compromised email account to only gather information for their scam. They may ultimately send these fraudulent requests from a spoofed email account.
Find the original article and read more here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
Independent school business officers are tasked with a wide range of responsibilities, including payroll, accounting, accounts payable, investments, and facility security. Unfortunately, many independent schools are unprepared to protect these departments from one of the less-heralded cyber threats. Business email compromise (BEC) may not grab the headlines like ransomware, but it can be just as disruptive and damaging to a school's finances. It is imperative that independent schools be aware of this threat and understand how to mitigate the risk it poses.
Whether they gain access to the targeted email account or use a spoofed email account, criminals will then send legitimate-looking messages to relevant individuals within the compromised school or at the third-party partner. These messages may request that an invoice or upcoming payment be transferred to a new account, that sensitive business information be relayed in an unsecure manner, or any of a number of similar demands. To avoid notice, criminals may use the compromised email account to only gather information for their scam. They may ultimately send these fraudulent requests from a spoofed email account.
Find the original article and read more here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat