Over 60% of fraudsters request gift cards in business emails scams; eBay, Google Play cards most popular

Ruth C. | June 23, 2021

According to data presented by the Atlas VPN team, gift cards were the preferred payment method for 64% of fraudsters who used attacks to compromise business emails in the second half of 2020. 

eBay gift cards were the most popular, with nearly a quarter (24%) of cybercriminals requesting eBay gift vouchers as a form of payment.

Business email compromise, or BEC, is a type of cybercrime where hackers attack businesses and organizations in order to defraud the company. As the name suggests, such attacks are carried out via email.

The figures are based on the Email Fraud and Identity Deception Trends 2021 H1 report by Agari. The report contains data from 257.9 billion emails from July through December 2020. 

Google Play gift cards ranked second on the list. They were the gift card of choice of 15.5% of hackers involved in BEC attacks in the second half of last year.

Google Play is followed by its competitor iTunes. Apple's iTune gift cards were sought after by close to 12% of cybercriminals in H2 2020.

Next up is Amazon. The brand's gift cards were demanded in nearly 11% of BEC attacks.

Steam, a platform for online gaming, rounds out the top five list. Steam gift vouchers were favored by just over 8% of hackers who launched BEC attacks in H2 2020.

Other popular gift cards requested in BEC attacks in H2 2020 include multi-million dollar U.S. retail and financial brands such as Target, American Express, Visa, Walmart (around 4% each), as well as Sephora (3%). On average, hackers demanded about $1,270 worth of gift cards per BEC attack.

However, 22% of cybercriminals preferred wire transfers over gift cards as a payment method in BEC attacks. In the meantime, 10% of hackers preferred payroll diversion. 

Gmail is the most popular domain among BEC scammers

Frequently, scammers choose free email domains to carry out their attacks. It seems that the most popular webmail account Gmail was also the most favored among cybercriminals for BEC attacks in the second half of 2020. Overall, 61% of BEC hackers choose Gmail to conduct attacks.

The second place on the list is taken by Cox. The email domain was the first choice for 6% of BEC attackers.

Naver was also frequently used for BEC scams. It accounted for 5% of webmail accounts used in BEC attacks in H2 of 2020.

Other popular email domains for BEC attacks include Seznam.cz (4.5%), Earthlink (3%), Virgin Media (2%), Optimum.net (2%), Mail.ru (2%), and Roadrunner (1%).

How to protect against BEC attacks

Below we have listed three essential tips to protect your business from BEC attacks:

  • Examine emails before taking action. Hackers often impersonate colleagues or senior executives at the same company to trick victims into handing over sensitive information or transferring money. Carefully examine the email domain, URL, and spelling to verify that the email is genuine. It does not hurt to talk to the supposed sender through other communication channels to make sure they really sent the email. Do not click on any links or open attachments if you are not sure the email is safe. 
  • Label external emails. It is possible to configure email programs to label external emails. This helps employees distinguish between internal emails and those coming from outside the company. If a fraudster tries to impersonate your company, such an email will be easier to spot.
  • Use two-factor authentication. Set up 2FA for logging into email accounts. This can minimize the possibility of hackers compromising company email accounts, which can then be used to attack other employees.
Ruth C.

Ruth C.

Cybersecurity Researcher and Publisher at Atlas VPN. Interested in cybercrime, online security, and privacy-related topics.


Business email compromise

© 2023 Atlas VPN. All rights reserved.