Guardian Analytics Announces Best Practices for Preventing Losses from $2B Social Engineering Scam

Leader in analytics for fraud prevention releases “Business Email Compromise Scam Detection Kit” for businesses and financial institutions
Mountain View, CA —March 2, 2016 —– Guardian Analytics, the leading vendor in behavioral analytics and machine learning solutions for preventing banking fraud, today shared details on the latest trends in Business Email Compromise (BEC) attacks and announced the “BEC Scam Detection Kit” to help both the businesses under attack and the financial institutions that serve them to better detect the scam and avoid losses. The FBI reports that the scam, in which a criminal compromises or spoofs a chief executive’s email account and directs an employee to immediately make a large payment or provide employee data, has victimized over 12,000 businesses across the globe, resulting in $2B in losses.
“The attacks continue to escalate, with no signs of slowing,” said Julie Conroy, Research Director for Aite Group. “Businesses need to be much more aware of these attacks to stop them on the front end and banks need to have more modern fraud prevention technology to keep social engineering-driven payments from slipping through on the back end.”
“We have detected and analyzed hundreds of payments from Business Email Compromise attacks, putting us in a unique position to offer a best practices kit for businesses and financial institutions,” said Eric Tran-Le and Hue Harguindeguy, Co-CEOs at Guardian Analytics. “Our fraud data and social engineering awareness techniques from law enforcement and our fraud analyst team, combined with our proven multi-channel fraud prevention platform, can stop this attack, which is needlessly devastating businesses all over the globe.”

Business Email Compromise Scam Trends Highlight Why Criminals Are Successful

Through analysis of BEC attacks and payments stopped by Guardian Analytics behavioral analytics platform, the Guardian Analytics Fraud Intelligence team released some insightful details on payments the criminals are requesting. These details highlight why the payments themselves are difficult to detect.

  • Payments: amounts range from $20,000 to over $2,000,000 but were always within a normal amount for the victim business
  • Hits per business: Businesses can be targeted multiple times, particularly as victims of the supplier invoice variation of the scam
  • Beneficiary financial institutions: US-based and international, and range from community banks and credit unions to the largest national and international banks
  • Beneficiaries: mix of individuals and businesses
  • Pattern of sending to new beneficiaries: common for the targets to send to new beneficiaries

Business Email Compromise Detection Kit

Guardian Analytics developed a robust BEC Scam Detection Kit featuring Best Practices videos, presentations and infographics, designed uniquely for businesses and financial institutions.

  • Businesses BEC Detection Kit – Offers tips to “Check, Confirm, and Coach” in order to avoid falling victim to the scam. The kit offers detailed techniques for each of these, compiled from FBI reports, banks, and our own research. Download the kit
  • Financial Institution BEC Detection Kit – Provides bankers with specific techniques to identify fraudulent wires and other payments resulting from BEC attacks on their customers; additionally, provides customizable materials for financial institutions to use in their on-going commercial client training programs. Download the kit

Added Pacalin: “We are committed to national education regarding the Business Email Compromise and will work closely with financial institutions and business associations to expand the awareness of the scam as widely as possible.”
About Guardian Analytics
Guardian Analytics is the inventor and leading provider of behavioral analytics solutions for preventing banking fraud. Over 400 financial institutions have standardized on Guardian Analytics’ innovative solutions to mitigate fraud risk and rely on the company to stop the sophisticated criminal attacks targeting retail and commercial banking clients. With Guardian Analytics, financial institutions build trust, increase competitiveness, improve their customer experience and scale operations. Guardian Analytics is privately held and based in Mountain View, CA. For more information, please visit