The BEC category of email phishing is the largest type of cybercrime, totaling $12 billion in potential losses worldwide between 2013 and 2018, according to the FBI.
It’s not clear why Atlanta is a hotspot, but one reason could be that many payments-processing companies are located here, said Crane Hassold, senior director of threat research at Agari.
“The talent is already living there,” he said.
Global Payments, Elavon and Fiserv are some of the payment-technology companies with large operations in metro Atlanta. Georgia Tech last month opened the School of Cybersecurity and Privacy, which the college says is one of the first of its kind in the U.S.
In addition to Atlanta, the largest hotspots in the U.S. are New York, Los Angeles, Houston and Miami, according to Agari.
In March, the U.S. Attorney’s Office in Atlanta arrested two dozen business email fraudsters responsible for $30 million in losses. Most lived in metro Atlanta.
“Fraud schemes, like the ones perpetrated and facilitated by these defendants, inflict considerable losses on citizens, companies, and the financial system,” U.S. Attorney B.J. Pak said in a news release at the time.
BEC fraud largely originated in Nigeria, although the criminal rings have expanded to the U.S. and other countries as Nigerian law enforcement has cracked down.
Cyberthieves have become more sophisticated in avoiding detection by banks, which are required to report suspicious transactions to law enforcement, said Erich Kron, security awareness advocate at KnowB4, a Florida-based company that provides cybersecurity training. That includes asking for workers' W-2 tax forms or funds held in real estate escrow accounts.
Scammers have also targeted city and county government workers who purchase personal protective equipment and other supplies related to the COVID-19 pandemic, according to the FBI.
The FBI, which operates an online portal to submit potential cybercrime cases, has warned that fraudulent business emails appear legitimate and can even dupe sophisticated workers.