According to Beazley's 2019 Breach Briefing, business email compromises (BEC) continue to evolve, growing 133% year-over-year from 2017 to 2018. These ransomware attacks and banking Trojans target all industry verticals and organizations of all sizes, with financial institutions topping the list of most targeted industries for 2018 (27% of the BEC incidents they responded to in 2018 were at a financial institution).

Business email compromise (BEC) is a social engineering attack in which a cybercriminal uses compromised email credentials or spoofs a legitimate email address in order to induce an employee to make a wire transfer or other electronic payment to a bank account controlled by the cybercriminal or, in some cases, to transfer sensitive data such as W-2 forms. And these criminals continue to design more sophisticated attacks. No longer obvious phishing emails, BEC attacks today involve reconnaissance and can sometimes go undetected for long periods of time. 

When responding to a BEC incident, Beazley's Breach Response Team (BBR) advises organizations to closely examine affected email accounts and preserve evidence regarding how the attacker has specifically manipulated the accounts. Attackers may have created forwarding rules or used stolen credentials to access additional systems. 

Beazley has managed thousands of data breaches since the launch of Beazley Breach Response in 2009 and is the only insurer with a dedicated in-house team focusing exclusively on helping clients handle data breaches. The BBR Services team works directly with BBR insureds during all aspects of incident investigation and breach response and coordinates the expert services that BBR insureds need to satisfy legal requirements and maintain customer confidence. In addition to coordinating data breach response, BBR Services maintains and develops Beazley's suite of risk management services, designed to minimize the risk of a data breach occurring.

MBIS now writes approximately 125 banks with Beazley, providing access to these services.

If you have any questions about MBIS or want more information, please contact Jeff Otteson at jeffo@mbisllc.com

Lund is WBA executive vice president - chief of staff and president of EBC and MBIS.