BEC and the Power of Network Exchange in Cybercrime.
Often when imagining cybercrimes, people tend to have this image of a lone hacker sitting behind several comically large monitors writing complex code that most people wouldn’t understand. However the truth is much simpler than that. BEC or “Business Email Compromise” is a surprisingly simple and effective scam that has been rapidly growing in popularity. When an individual commits BEC, they pose as a high ranking member or official of the company and/or organization, and send urgent and cryptic messages to employees begging for an immediate transfer of funds. Now, many onlookers may wave this off and simply believe themselves to be too intelligent to fall for such a simple scam. However, if your boss of 5 years at a major corporation you’ve work at and trust asked you urgently to transfer them $5000, many of us, wanting to keep our job and our head, would do it.
The implicit trust that humans have for others both online and in real life often leads to this breach of trust. Yet, simple human error is not the sole blame for this uptake in cybercrime, the structure of the networks we navigate as well as the systems in which companies hold authority over their workers can lead to power imbalances that makes it easier for criminals to infiltrate these complex networks. Oftentimes the hackers will pose as high up CEO’s and cc others onto important emails, which causes a network of trust. However these accounts are often all run by the same hacker, posing as an important member of the company. This allows for an uneven distribution of power within this closed network. The hacker holds most of the power as they create the offer and the “other” accounts that cause a pressure increase on the targeted individual. Just like the imbalance network relations involving nodes and the probability of different dollar values divided between those nodes, this network represents and uneven data set with individuals at its center with imbalances of power. This imbalance of power combined with the increase of personal data stored in public domains both play into the rise of BEC and cybercrime.