Bank of America Custom Supplement - S5

Common phishing tactics in 2020
Coronavirus news
Changes in payment schedules
Employees working from home on unsecured devices
The FBI recently reported an increase in payroll diversions
that resulted from cyber criminals targeting staff in human
resources and payroll, requesting changes to employees'
direct-deposit accounts. Vendor-specific incidents also are
on the rise. Criminals impersonate a legitimate, trusted
vendor and try to persuade someone at the company to
make payment for contracted services. Or an email asks
that a vendor's information be changed, diverting payments
to the criminal's address or a fraudulent bank account.

Meanwhile, ransomware, sometimes the end result of
a successful business email compromise, is a perennial
threat. The idea is no longer new: Using an email link or
attachment, a criminal delivers software that automatically
downloads and then locks or corrupts a computer
system - until a hefty ransom is paid.

In recent months, the deployment of ransomware has
skyrocketed. In 2019, more than 200,000 organizations said
they had files that had been hijacked in ransomware incidents,
a 41% increase from the previous year. The ransom paid to
release files can range from thousands to millions of dollars
and averaged $84,000 in the fourth quarter of 2019.⁵

Ransomware has become so lucrative that criminal
organizations now offer prepackaged ransomware kits and sell
them on the portion of the internet known as the dark web.
It's popular because it works. Victimized businesses pay
ransoms because they face a ticking clock and the threat
of a data breach or compromised business operations if
they don't pay the criminal.

As the number of connected devices grows and the
techniques that cyber criminals use improve and evolve,
dealerships will need to remain vigilant and proactive.
Employee education and a relentless eye for cyber security
are the best tools to protect susceptible staffers and
company resources.

What does business email compromise look like?
Most attempts at business email
compromise fall into a few general


Vendor email compromise: A cyber criminal
takes control of a legitimate email account from
a vendor, forging or spoofing that email address.
The emails might include requests to change
payment or bank account information in an effort
to divert vendor payments to the criminal.


Executive payment requests: A criminal
impersonates a supervisor or business owner by
using a spoofed or compromised email address.
The message often asks an employee to make
a payment and typically stresses the need to
make it quickly - hoping the employee will avoid
checking the request through proper channels.


Payroll diversion schemes: A criminal
pretends to be an employee and sends a request
to change direct-deposit account information,
hoping to reroute the paycheck to a fraudulent
bank account the criminal can access.

Suspicious keywords
The most common words and phrases used in business email
compromise attempts:⁶
Transaction request
Outstanding payment
Important update
Notice of payment received



