Charles Nerko, team leader for data security litigation in Barclay Damon’s Data Security & Technology Practice Area, had his “BEC: The Hidden Threat Credit Unions Keep Overlooking” op-ed article published in the first edition of the newly launched credit union industry news site, The CU Daily. The article explores business email compromise (BEC), which is a major but overlooked threat to credit unions, where cybercriminals hijack email accounts to steal data, install malware, or redirect funds.
The article emphasizes that technical defenses alone are insufficient, as attackers exploit stolen credentials and infiltrate email threads. Credit unions should verify fund transfer and payment requests via a second communication channel to prevent fraud, avoiding reliance on emails or potentially spoofed calls.
Beyond IT concerns, BEC poses legal and regulatory risks, including data breaches, identity theft, and compliance violations. Credit unions must report incidents, involve legal counsel early, and ensure board-level oversight to strengthen cybersecurity resilience.
Click here to read the full article.