
Battling Business Email Compromise (BEC) Scams: How To Prevent Them Within SAP

September 28, 2023

by

Paul Dixon

#SAPCompliance

Business Email Compromise (BEC) scams are a genuine and growing threat to your business. But don't just take our word for it - in 2022, the FBI issued a public service announcement warning that the crime has risen 65% in recent years and is becoming more prevalent month on month.

And here is why it's growing like wildfire: In the cybercrime underworld, it's a scam with a higher-than-average success rate when compared to other online crimes.

So, as an SAP user, wouldn't it make sense to bolster your company's defenses against such a formidable menace? Of course it would. And here is the good news - help is at hand. This VOQUZ Labs article explains what BEC scams are, how they work (with a real-life example), and what your company can do within SAP to avoid becoming a victim.

Business Email Compromise (BEC): The Scam Explained

A BEC scammer emails a company requesting payment of a fake invoice or bill. But obviously, it's not as simple as that. Why? Companies have systems and controls in place to check that financial transactions are accurate and legitimate.

So how do BEC scammers circumvent internal systems and controls?

From social engineering techniques to graphic design mastery, their box of nefarious tricks makes them a competent foe that demands attention.

Here are a few of them:

  • Fraudulent Invoices: Scammers send emails with invoices that appear genuine, with logos and formatting that closely mimic those of legitimate companies (or of fictitious companies).
  • Email Spoofing: We won't go into the techy details (you can read about it here), but this is when the scammer alters the email header so that the message appears to originate from a different address or domain.
  • Impersonation: A sub-category of email spoofing. After doing their research, scammers often impersonate trusted individuals within a company, such as senior directors, to make their 'internal' request seem genuine.
  • Account Takeovers (ATO): This is when cybercriminals compromise a vendor of their ultimate target. By breaking into the vendor's IT systems, scammers can pose as the vendor in email communication without raising suspicion.
  • Create Urgency: Scammers often apply pressure by creating a sense of urgency in their communications. They may claim immediate action is required to prevent financial penalties or legal consequences.

We could dig deeper into the techniques - but you get the gist. The bottom line and critical takeaway is this:

BEC scammers use the above techniques to trick employees into entering new bank details controlled by the scammers into their accounts payable systems (such as SAP) - and then paying them. This is also classed as a type of phishing attack.

BROCHURE - the advantages of our products!

remQ - Business Inspector for SAP® Software

remQ – Business Inspector for SAP Software offers Business Transaction Monitoring and auditing software with built-in expert know-how.

A BEC Scam Explained: How Ubiquiti Lost Millions

Now that we understand the BEC scam's modus operandi, let's look at a well-known example that hit the headlines. In August 2015, US technology firm Ubiquiti submitted a report to the US Securities and Exchange Commission, disclosing that it had fallen prey to a "criminal fraud" totaling $46.7 million.

So what happened?

To cut to the chase, scammers impersonated employees at a third-party company and targeted Ubiquiti's finance department. This type of BEC scam is known as Vendor Email Compromise (VEC). Few details were released publicly, but the fraudsters likely compiled a list of Ubiquiti's vendors - for example, by researching publicly available information - and worked from that data.

Ultimately, the following happened:

  • The scammers' bank account details were entered into Ubiquiti's financial systems
  • Ubiquiti paid the scammers millions of dollars

Now that we understand how BEC scams operate and the threat they pose to your organization, let's look at how to fortify your defenses within SAP.

Here's How SAP Users Can Battle BEC Scammers Targeting Their Business

One fact is central to every BEC scam: at some point, bank account details belonging to the cybercriminals are added or altered within the company's financial systems.

And one of the most effective ways to halt a BEC phishing attack in your company's SAP ERP or S/4HANA environment is to adopt an automated internal controls system, such as remQ by VOQUZ Labs. A tremendous benefit is that the technology raises red-flag alerts in near real time whenever payment details are added or changed.

What does this mean in practical terms?

It means that instead of new payment details (possibly belonging to scammers) slipping under the radar, finance and internal controls teams are immediately alerted, allowing them to investigate and take action if necessary.

For example, remQ (an easy-to-install SAP add-on) can even be customized so that vendors are automatically blocked if their details are changed close to a payment run - a red-flag event. An employee can then take a closer look at the issue, for example, by contacting the vendor directly through a known, previously verified channel to check that everything is legitimate.
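To make the control described above concrete, here is an added example (not remQ's code and not an SAP API) showing the core logic: scan a log of vendor master changes, alert on every addition or change of bank details, and escalate to a block recommendation when the change lands within a few days of a payment run that pays that vendor. The record layouts, field names, user IDs and dates are all constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed record shapes. They are assumptions for this example only and are
# loosely modelled on the idea of a change log for vendor master data; they are
# not real SAP table layouts or APIs.


@dataclass(frozen=True)
class BankChange:
    vendor: str          # vendor master record that was touched
    field: str           # which field changed, e.g. "IBAN"
    old_value: str       # empty string means the field was newly added
    new_value: str
    changed_by: str      # user who made the change
    changed_at: datetime


@dataclass(frozen=True)
class PaymentRun:
    run_at: datetime
    vendors: frozenset   # vendors that will be paid in this run


@dataclass(frozen=True)
class Finding:
    vendor: str
    severity: str        # "BLOCK" (change close to a payment run) or "ALERT"
    reason: str


# Only payment-relevant fields are in scope; address or contact edits are ignored.
BANK_FIELDS = {"IBAN", "BANK_ACCOUNT", "BANK_KEY", "SWIFT"}


def review_bank_changes(changes, runs, window_days=3):
    """Return one Finding per bank-detail change.

    Every add/change of a bank field is at least an ALERT. If a payment run that
    includes the vendor is scheduled within `window_days` after the change, the
    finding is escalated to BLOCK so the vendor can be held until verified.
    """
    findings = []
    window = timedelta(days=window_days)
    for ch in changes:
        if ch.field not in BANK_FIELDS:
            continue
        kind = "added" if not ch.old_value else "changed"
        base = f"{ch.field} {kind} by {ch.changed_by} on {ch.changed_at:%Y-%m-%d}"
        # Red-flag case: the vendor is about to be paid using the new details.
        imminent = sorted(
            (r for r in runs
             if ch.vendor in r.vendors
             and timedelta(0) <= r.run_at - ch.changed_at <= window),
            key=lambda r: r.run_at,
        )
        if imminent:
            when = f"{imminent[0].run_at:%Y-%m-%d}"
            findings.append(Finding(
                ch.vendor, "BLOCK",
                f"{base}; payment run on {when} within {window_days} days"))
        else:
            findings.append(Finding(ch.vendor, "ALERT", base))
    return findings


def vendors_to_block(findings):
    """Vendors that should be held back from the next payment run."""
    return {f.vendor for f in findings if f.severity == "BLOCK"}


# Constructed sample data (vendor IDs, users and dates are made up).
SAMPLE_CHANGES = [
    BankChange("V100", "IBAN", "DE00OLD", "LT00NEW", "jdoe", datetime(2023, 9, 25)),
    BankChange("V200", "IBAN", "", "FR00NEW", "asmith", datetime(2023, 9, 10)),
    BankChange("V300", "CITY", "Berlin", "Munich", "asmith", datetime(2023, 9, 26)),
    BankChange("V400", "BANK_KEY", "10010010", "20020020", "jdoe", datetime(2023, 9, 26)),
]
SAMPLE_RUNS = [
    PaymentRun(datetime(2023, 9, 27), frozenset({"V100", "V200"})),
]

if __name__ == "__main__":
    for f in review_bank_changes(SAMPLE_CHANGES, SAMPLE_RUNS):
        print(f"{f.severity:5} {f.vendor}: {f.reason}")
    print("hold:", sorted(vendors_to_block(review_bank_changes(SAMPLE_CHANGES, SAMPLE_RUNS))))
```

In the sample data, V100's IBAN change two days before a run that pays V100 is escalated to BLOCK; V200's new IBAN and V400's bank key change are ALERTs (V200's change is well outside the window, V400 is not in the run); the V300 address edit is ignored. The window length is the tuning knob: too short and a change made a week before the run slips through as a plain alert, too long and routine vendor onboarding generates blocks that the finance team learns to wave through.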

WHITE PAPER - expand your knowledge!

Reduce Fraud & Boost Cost Savings by Automating Internal Controls

Our White Paper explains how, using robust controls and automation, organizations can better manage fraud risks, comply with regulations, improve operational efficiency, and save substantial costs.

Final Thoughts

BEC scams pose a real and increasing threat to businesses. As we now know, the crime is surging - not least because cybercriminals are attracted to its high success rate.

But this high success rate doesn't have to apply to your company.

If your business uses SAP ERP or S/4HANA, you have an opportunity to halt BEC scammers in their tracks. VOQUZ Labs remQ Business Inspector software operates as an SAP add-on with a library of 100+ pre-built controls shipped ready to run. You can click here to learn more about how remQ can assist. We would also be delighted to answer any questions you have - contact us.

Recommended reading: Enjoyed this article? Now read: The Growing Threat of Invoice Fraud: How To Prevent It Within SAP

ABOUT THE AUTHOR

Paul Dixon

Paul is a RegTech content writer and strategist with extensive experience in digital marketing and journalism. His work has appeared in the Guardian newspaper. He holds a degree in International Relations, where he studied global sanctions compliance and cross-border finance.

