Abstract
Although numerous studies on cybercrime have been undertaken, very little is known about the BEC scam and its effects on economic sustainability in Nigeria. Using data collected via various methods, this study examines the implications of the BEC scam as cyber victimization on the economic infrastructure of corporate organizations in Cross River State, Nigeria. A specifically structured questionnaire and an in-depth interview with staff (n = 1087) was conducted and the data received were analyzed using descriptive statistics, logistic regression, and content analysis. Findings revealed that BEC victimization is increasing, and has adversely affected such corporate organizations as banks, telecommunications firms, and manufacturing companies. The organization one works for is an important factor in determining one’s vulnerability to BEC scamming. Therefore, a multilateral cybersecurity and cyber-intelligence relationship between the various corporations and government departments is necessary for adequate protection of critical infrastructures. This multi-sectoral approach to cyber-law enforcement requires the installation of uncompromised internal physical and digital access control in order to strengthen targets. This demands robust organizational cyberspace surveillance to complement the existing government counter-cybercrime implementations.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Change history
27 August 2022
A Correction to this paper has been published: https://doi.org/10.1057/s41284-022-00354-1
References
Adogame, A. 2009. The 419 code as business unusual: Youth and the unfolding of the advance fee fraud online discourse. Asian Journal of Social Science 37: 551–573.
Arlitsch, K., and A. Edelman. 2014. Staying safe: Cyber security for people and organisations. Journal of Library Administration 54 (1): 46–56.
Armorblox. 2021. What is business email compromise? A definitive guide to BEC. https://www.armorblox.com/learn/business-email-compromise.
Australian Competition and Consumer Commissions. 2019. The dangers of business email compromise scams and how to defend against them. https://www.nccgroup.com/au/about-us/newsroom-and-events/blogs/2019/september/the-dangers-of-business-email-compromise-scams-and-how-to-defend-against-them. Accessed 10 Aug 2020.
Aviv, S.S. 2019. An examination of user detection of business email compromise amongst corporate professionals (PhD Thesis). Nova Southeastern University.
Aviv, S., Levy, Y., Wang, L., and N. Geri. 2019. An expert assessment of corporate professional users to measure business email compromise detection skills and develop a knowledge and awareness training program. Proceedings of the 14th Pre-ICIS Workshop on Information Security and Privacy, Munich, Germany.
Azeez, O. 2019. Cybercrime cost Nigeria N288bn in 2018. https://www.businessamlive.com/. Accessed 10 Aug 2020.
Basiago, A.D. 1999. Economic, social, and environmental sustainability in development theory and urban planning practice. The Environmentalist 19: 145–161.
Beck, U. 2006. Living in the world risk. Society Economy and Society 35 (3): 329–345.
Boateng, R., L. Olumide, R.S. Isabalija, and J. Budu. 2011. Sakawa—cybercrime & criminality in Ghana. Journal of Information Technology Impact 11 (2): 85–100.
Borko, A., V. Nehodchenko, O. Volobuieva, I. Kharaberiush, and Y. Lohvynenko. 2019. Fighting against cybercrime: Problems and prospects in Ukraine and the world. Journal of Legal, Ethical and Regulatory Issues 22 (2): 1–5.
Centre for Strategic and International Studies (CSIS). 2021. Cybercrime. https://www.csis.org/programs/strategic-technologies-program/archives/cybersecurity-and-governance/cybercrime.
Cohen, L.E., and M. Felson. 1979. Social change and crime rate trends: A routine activity approach. American Sociological Review 44: 588–608.
Damodaram, R. 2016. Study on phishing attacks and anti-phishing tools. International Research Journal of Engineering and Technology 03 (01): 700–705.
Donalds, C., and K.M. Osei-Bryson. 2019. Toward a cybercrime classification ontology: A knowledge-based approach. Computers in Human Behavior 92 (1): 403–418.
Drew, J.M., and L. Farrell. 2018. Online victimisation risk and self-protective strategies: Developing police-led cyber fraud prevention programs. Police Practice and Research 19 (6): 537–549.
Eckert, C. 2017. Corporate reputation and reputation risk: Definition and measurement from a (risk) management perspective. Journal of Risk Finance 18 (2): 145–158.
Enukoha, C.U., and P.U. Angioha. 2019. Application of Information Communication Technology in service delivery among organisations in Cross River State, Nigeria. Cross River: Crosswatch Publishing Co-operation.
Epron, S. 2019. Emerging security threats: Factors and implications for Nigeria’s socio-economic development 2015–2019. Journal of Economics and Development Studies 7 (2): 141–149.
Federal Bureau of Investigation. 2019. Business Email Compromise The $26 Billion Scam. www.fbi.gov/contact-us/field-offices.
Federal Bureau of Investigations Internet Crime Complaint Center. 2015. Business email compromise public service announcement. https://www.ic3.gov/media/2015/150827-1.aspx. Accessed 20 May 2019.
Filart, C., and D. Young. 2019. The rise of new tactics in business email compromise. https://www.fireeye.com/blog/products-and-services/2019/09/the-rise-of-new-tactics-in-business-email-compromise.html. Accessed 13 Feb 2020.
Folashade, B.O., and K.A. Abimbola. 2013. The nature, causes and consequences of cybercrime in tertiary institutions in Zaria-Kaduna State, Nigeria. American International Journal of Contemporary Research 3 (9): 98–114.
Frank, I., and E. Odunayo. 2013. Approach to cyber security issues in Nigeria: Challenges and solution. International Journal of Cognitive Research in Science, Engineering and Education 1 (1): 1–11.
Friend, C., L.B. Grieve, J. Kavanagh, and M. Palace. 2020. Fighting cybercrime: A review of the Irish experience. International Journal of Cyber Criminology 14 (2): 383–399.
Froelich, C. 2020. Our commitment to you is absolute. Bank of America Cyber Security Journal I: 1–14.
Hakmeh, J. 2017. Cybercrime and the digital economy in the GCC countries. https://www.chathamhouse.org/sites/default/files/publications/research/2017-06-30-cybercrime-digital-economy-gcc-hakmeh.pdf. Accessed 22 Jan 2019.
Heap, V., and J. Waters. 2019. Mixed methods in criminology. Devon: Routledge.
Ibrahim, S. 2016. Social and contextual taxonomy of cybercrime: Socio-economic theory of Nigerian cybercriminals. International Journal of Law, Crime and Justice 47: 44–57. https://doi.org/10.1016/j.ijlcj.2016.07.002.
Jaishankar, K. 2007. Cyber criminology: Evolving a novel discipline with a new journal. International Journal of Cyber Criminology 1 (1): 1–6.
Jaishankar, K. 2008. Space transition theory of cybercrimes. In Crimes of the internet, ed. F. Schmalleger and M. Pittaro, 283–301. Upper Saddle River: Prentice Hall.
Jaishankar, K. 2010. The future of cyber criminology: Challenges and opportunities. International Journal of Cyber Criminology 1 (2): 26–31.
Jang-Jaccard, J., and S. Nepal. 2014. A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences 80 (5): 973–993.
Jansen, J., and R. Leukfeldt. 2016. Phishing and malware attacks on online banking customers in the Netherlands: A qualitative analysis of factors leading to victimisation. International Journal of Cyber Criminology 10 (1): 79–91.
King, L., and D. McCarthy, eds. 2009. Environmental sociology: From analysis to action, 2nd ed. New York: Row man and Littlefield Publishers.
Kiru, M.U., and S.I. Muhammad. 2017. A situation analysis on cybercrime and its economic impact in Nigeria. International Journal of Computer Applications 169 (7): 19–29.
Leukfeldt, E.R. 2014. Cybercrime and social ties: Phishing in Amsterdam. Trends in Organised Crime 17 (4): 231–249.
Levi, M. 2017. Assessing the trends, scale and nature of economic cybercrimes: Overview and issues. Crime, Law and Social Change 67 (1): 3–20.
Longe, B.O., O. Ngwa, F. Wada, V. Mbarika, and L. Kvasny. 2009. Criminal use of information and communication technologies in sub-Saharan Africa: Trends, concerns and perspectives. Journal of Information Technology Impact 9 (3): 155–165.
Maitanmi, O., S. Ogunlere, S. Ayinde, and Y. Adekunle. 2013. Impact of cybercrimes on Nigerian economy. The International Journal of Engineering and Science 2 (4): 45–51.
Makeri, Y.A. 2017. Cyber security issues in Nigeria and challenges. International Journal of Advanced Research in Computer Science and Software Engineering 7 (4): 315–321.
Manbe, D.A., Magaji, S., and Y.M. Damagun. 2014. Cybercrimes and victimisation: An analysis of economic–cost implications to Nigeria. Handbook on the Emerging Trends in Scientific Research, 777–785.
McAfee. 2021. Advanced Threat Research Report. https://www.mcafee.com/enterprise/en-us/assets/reports/rp-threats-oct-2021.pdf.
Ndubueze, P.N., ed. 2017. Cyber criminology and technology-assisted crime control: A reader, 1–532. Zaria: Ahmadu Bello University Press.
Ndubueze, P.N., E.U.M. Igbo, and U.O. Okoye. 2013. Cybercrime victimisation among Internet active Nigerians: An analysis of sociodemographic correlates. International Journal of Criminal Justice Sciences 8 (2): 225–234.
Newman, L.H. 2018. Nigerian email scammers are more effective than ever. https://www.wired.com/story/nigerian-email-scammers-more-effective-than-ever. Accessed 3 April 2019.
Nnam, M.U., B.O. Ajah, C.C. Arua, G. Okechukwu, and C.O. Okorie. 2019. The War must be sustained: An integrated theoretical perspective of the cyberspace-Boko Haram terrorism nexus in Nigeria. International Journal of Cyber Criminology 13 (2): 379–395. https://doi.org/10.5281/zenodo.3707556.
Obiora, C.A., J.E.J. Tiebiri, and O.U. Mmaduabuchi. 2017. Cybercrimes and the challenges of economic development in Nigeria. NG—Journal of Social Development 6 (4): 59–70.
Odo, C.R., and A.I. Odo. 2015. The extent of involvement in cybercrime activities among students’ in tertiary institutions in Enugu State of Nigeria. Global Journal of Computer Science and Technology: H Information & Technology 15 (3): 1–6.
Okpa, J.T., A.A. Ilupeju, and E. Eshiotse. 2020a. Cybercrime and socio-economic Development of Corporate Organisations in Cross River State, Nigeria. Asian Journal of Scientific Research 13: 205–213.
Okpa, J.T., B.O. Ajah, and J.E. Igbe. 2020b. Rising trend of phishing attacks on corporate organisations in Cross River State, Nigeria. International Journal of Cyber Criminology 14: 460–478.
Olayinka, W. 2019. Yahoo Yahoo: Inside the life of a Nigerian cyber criminal. https://techcabal.com/2019/07/26/yahoo-yahoo-inside-the-life-of-a-nigerian-cyber-criminal. Accessed 20 March 2020.
Olusola, M., O. Samson, A. Semiu, and A. Yinka. 2013. Impact of cybercrimes on Nigerian economy. The International Journal of Engineering and Science 2 (4): 45–51.
Osanaiye, O., K.K. Raymond Choo, and M. Dlodlo. 2016. Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework. Journal of Network and Computer Applications 67: 147–165.
Oso, L., and B. Semiu. 2012. The concept and practice of corporate governance in Nigeria: The need for public relations and effective corporate communication. Journal of Communication 3 (1): 1–16.
Paganini, P. 2013. Info Sec Institute 2013 Cost of cybercrimes. http://resources.infosecinstitute.com/cybercrime-and-theunderground-market.
Quarshie, H.O., and A. Martin-Odoom. 2012. Fighting cybercrime in Africa. Computer Science and Engineering 2 (6): 98–100.
Quarshie, H.O., G.Y. Koi-Akrofi, and A. Martin-Odoom. 2012. The economic impact of computer virus—A case of Ghana. Journal of Emerging Trends in Computing and Information Sciences 3 (8): 1235–1239.
Ragucci, J.W., and S.A. Robila. 2006. Societal aspects of phishing. ACM SIGSOFT Software Engineering Notes 31 (7): 6–16.
Corporation, Rand. 2019. Social media in Africa presents double-edged sword for security and development. Santa Monica: Rand Corporation.
Rathmell, A. 1999. Cyber-terrorism: The shape of future conflict? Journal of Financial Crime 6 (3): 277–283.
Shaik, A., and S.B. Shaik. 2014. Cybercrime is a global problem: Increasingly social and mobile. International Journal of Advanced Research in Computer and Communication Engineering 3 (1): 4993–5001.
Solms, R.V., and J.V. Niekerk. 2013. From information security to cyber security. Computers & Security 38: 97–102.
Spangenberg, J.H. 2005. Economic sustainability of the economy: Concepts and indicators. Int. J. Sustainable Development 8 (1/2): 47–64.
Tade, O., and O. Adeniyi. 2020. Dimensions of electronic fraud and governance of trust in Nigeria’s cashless ecosystem. International Journal of Offender Therapy and Comparative Criminology 64 (16): 1717–1740. https://doi.org/10.1177/0306624X20928028.
Tsakalidis, G., K. Vergidis, S. Petridou, and M. Vlachopoulou. 2019. A cybercrime incident architecture with adaptive response policy. Computers and Security 29 (1): 45–72.
Uebelacker, S., and S. Quiel. 2014. The social engineering personality framework. Workshop on Socio-Technical Aspects in Security and Trust. Vienna: Vienna University of Technology, 24.
United Nations Office on Drugs and Crime. 2012. The use of the internet for terrorist purposes. Vienna: The Author.
Venkat, A. 2020. FBI: BEC losses totalled $1.7 billion in 2019. https://www.bankinfosecurity.com/fbi-bec-losses-totaled-17-billion-in-2019-a-13717. Accessed 20 May 2020.
Wada, F., and G.O. Odulaja. 2012. E-banking and cyber crime in Nigeria. A theoretical policy perspective on causation. African Journal of Computer & ICTs 5 (1): 69–82.
Weber, S.H., and E. Studer. 2016. Cybersecurity in the internet of things: Legal aspects. Computer Law & Security Review 32 (5): 715–728.
Whitty, M.T. 2018. 419—It’s just a Game: Pathways to cyber fraud criminality emanating from West Africa. International Journal of Cyber Criminology 12 (1): 97–114.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
On behalf of all authors, the corresponding author states that there are no conflicts of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Okpa, J.T., Ajah, B.O., Nzeakor, O.F. et al. Business e-mail compromise scam, cyber victimization, and economic sustainability of corporate organizations in Nigeria. Secur J 36, 350–372 (2023). https://doi.org/10.1057/s41284-022-00342-5
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1057/s41284-022-00342-5