Agari, a secure email cloud service, has released the findings of its quarter three (Q3) Email Fraud and Identity Deception Trends report that delves into changing techniques used in email fraud and scams, during the April to June 2019 period.
The top finding shows that fraudsters continue to shift away from their traditional methods. Gift cards have become the preferred mode that fraudsters are using to cash out their proceeds. Of the business email compromise attacks that Agari observed during the second quarter, 65 %of them are focused on gift cards. Specifically, fraudsters tend to request that unwitting victims purchase gift cards and send them to the scammer under various pretenses, such as gifts for customers or rewards for employees.
Three-quarters of the gift cards requested by fraudsters belong to five brands: Google Play, Steam Wallet, Amazon, Apple iTunes, and Walmart. Gift cards are easy for fraudsters to launder and are hard to trace, which are likely the reasons for their popularity. The downside for fraudsters is that the payout isn’t as large as with wire transfer scams.
“Business email compromise is not only a massive problem but it also continues to perplex organizations,” says Agari CEO Patrick Peterson. “Fraudsters have perfected their social-engineering craft, having now gone low-tech to outsmart high-tech solutions that are meant to detect and stop them. What this study clearly shows is that brand impersonations are in style and gift cards are the new money mule.”