Newsroom

Cybercriminals are using spearphishing attacks to target corporate boards of directors, according to cybersecurity firm Experian Information Solutions.

Experian told CSO that one third of the 350 clients they've helped with spearphishing attacks this year have been corporate boards.

Spearphishing is a hacking technique in which an email is disguised as being from a known individual or business so as to request personal data without arousing suspicion.

"Board members get emails asking them for tax information or requesting bank transfers, which they typically forward to the company employee who is responsible and asking them to take care of it," CSO wrote.

One element of the problem is that board members often use less-secure personal email accounts for their board duties. One bank CSO interviewed recommended providing board members with a bank email address and security training.

Experian said clients have experienced losses of financial statements, cybersecurity documents and intellectual property.