Blog - Cyber Security Informer

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

eSecurity Planet

JULY 13, 2023

ChatGPT and other generative AI tools have been used by cybercriminals to create convincing spoofing emails, resulting in a dramatic rise in business email compromise (BEC) attacks. ” The security researchers tested WormGPT to see how it would perform in BEC attacks.

Cybercrime

Cybercrime Phishing Marketing System Administration

The Complete Guide to Business Email Compromise (BEC) and How to Prevent It

Heimadal Security

SEPTEMBER 13, 2021

The fact that criminals are actively using e-mail schemes to defraud public institutions, small and large businesses, and their clients can be considered yesterday’s news. The BEC term covers a wide variety of malevolent behavior, […].

Scams

Scams Cybersecurity

BEST PRACTICES: Blunting ‘BEC’ capers that continue to target, devastate SMBs and enterprises

The Last Watchdog

APRIL 14, 2022

It’s no secret that cyberattacks can happen to any business, and we should all be suspicious of messages from unfamiliar senders appearing in our email inboxes. But surely, we can feel confident in email communications and requests from our organization’s executives and fellow coworkers, right? Related: Deploying human sensors.

Phishing

Phishing Accountability Scams Social Engineering

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Mobile BEC Attacks on the Rise

Security Boulevard

DECEMBER 13, 2022

A recent uptick in the reports of SMS-based business email compromise (BEC) messages may indicate a wider trend that has seen a surge of phishing scams via text messages. The post Mobile BEC Attacks on the Rise appeared first on Security Boulevard.

Mobile

Mobile Scams Phishing Social Engineering

Vendor Email Compromise (VEC) Explained

Heimadal Security

MAY 5, 2022

You may know what BEC (Business Email Compromise) is, but have you heard of VEC (Vendor Email Compromise)? If your business transacts with vendors to supply products or services, VEC is a sophisticated cyberthreat you need to know about.

Scams

Scams Cybersecurity

Microsoft reports jump in business email compromise activity

CSO Magazine

MAY 22, 2023

Cybersecurity activity around business email compromise (BEC) spiked between April 2022 and April 2023, with over 150,000 daily attempts, on average, detected by the Microsoft Microsoft’s Digital Crimes Unit (DCU). Successful BEC attacks cost organizations hundreds of millions of dollars annually.”

Social Engineering

Social Engineering Cybercrime Engineering Cybersecurity

Best Practices for Endpoint Security in Healthcare Institutions

Heimadal Security

SEPTEMBER 15, 2023

While achieving compliance with industry standards is the minimum, it’s not enough to prevent insider threats, supply chain attacks, DDoS, or sophisticated cyberattacks such as double-extortion ransomware, phishing, business email compromise (BEC), info-stealing malware or attacks that leverage the domain name system (DNS).

Healthcare

Healthcare DNS DDOS Phishing

FBI: BEC Scammers Now Impersonate Construction Companies

Heimadal Security

JUNE 10, 2021

The Federal Bureau of Investigation has recently warned that scammers are now posing as construction companies in business email compromise (BEC) attacks. BEC fraud is a scheme used by cybercriminals to gain access to a legitimate business email through social engineering or computer […].

Social Engineering

Social Engineering Engineering Cybersecurity

Scammers Bypassed Office 365 MFA in BEC Attacks

Heimadal Security

JUNE 15, 2021

According to the researchers from Microsoft 365 Defender, the attackers were able to compromise their targets’ mailboxes by using phishing. What Is BEC Fraud? BEC Fraud is a scheme used by malicious actors to gain access to legitimate business emails through social engineering or computer intrusion and to impersonate an employee.

Social Engineering

Social Engineering Engineering Phishing Cybersecurity

US charges three men with six million dollar business email compromise plot

Graham Cluley

APRIL 20, 2023

Three Nigerian nationals face charges in a US federal court related to a business email compromise (BEC) scam that is said to have stolen more than US $6 million from victims. Read more in my article on the Tripwire State of Security blog.

Scams

GUEST ESSAY: Why Microsoft Exchange users ‘must have’ robust data recovery policies, practices

The Last Watchdog

DECEMBER 21, 2021

Cloud hosted email services have come into wide use as the go-to communication and collaboration work tools for businesses far and wide. Related: Weaponized email endures as top threat. Business email continues to be both the most widely used business communication tool – and the most wide-open, problematic attack vector.

Marketing

Marketing Financial Services Ransomware Software

$43 billion stolen through Business Email Compromise since 2016, reports FBI

The State of Security

MAY 5, 2022

The FBI's Internet Crime Complaint Center (IC3) has issued updated statistics on Business Email Compromise (BEC) attacks which use a variety of social engineering and phishing techniques to break into accounts and trick companies into transferring large amounts of money into the hands of criminals.

Social Engineering

Social Engineering Engineering Phishing Internet

How Important Is BEC Security For Your Company?

Heimadal Security

MARCH 15, 2021

Enterprise security is crucial, therefore a compromised email system can seriously damage legitimate business interests. Find out more about how important is BEC security for your company, and what can you do in order to stay safe. The post How Important Is BEC Security For Your Company?

Scams

Scams Cybersecurity

Three Men Accused to Have Participated in a Scheme to Launder the Profits of a BEC Attack

Heimadal Security

OCTOBER 11, 2021

District Court for the Eastern District of Virginia has accused three men of money laundering and aggravated identity theft as part of a Business Email Compromise (BEC) campaign. What Is BEC?

Identity Theft

Identity Theft Scams Cybersecurity

Microsoft Reveals Extensive Business Email Compromise Campaign

Heimadal Security

MAY 10, 2021

Recently, Microsoft revealed a huge-scale business email compromise (BEC) campaign that has […]. The post Microsoft Reveals Extensive Business Email Compromise Campaign appeared first on Heimdal Security Blog.

Hacking

Hacking Social Engineering Engineering Phishing

Five Types of Business Email Compromise Attacks and How to Prevent Them

Security Boulevard

APRIL 12, 2023

In a recent blog, we cited the Federal Bureau of Investigation (FBI) and its Internet Crime Complaint Center (IC3) latest 2022 report, which emphasized a steep and significant rise in Business Email Compromise (BEC) growth. The FBI documented victim’s adjusted losses reaching over $2.7 billion for the year.

Internet

Internet Internet Accountability

Email Filters Duped by Tiny Font Size in BEC Phishing Attacks

Heimadal Security

NOVEMBER 12, 2021

A new Business Email Compromise (BEC) operation aimed at Microsoft 365 consumers employs a variety of highly developed obfuscation techniques in phishing emails that can trick natural language processing filters and go unnoticed by users.

Phishing

Phishing Cybersecurity

10 Suspects Charged for BEC Scams Targeting Federal Funding Programs

Heimadal Security

NOVEMBER 21, 2022

Department of Justice (DOJ) for their alleged roles in business email compromise (BEC) scams. The post 10 Suspects Charged for BEC Scams Targeting Federal Funding Programs appeared first on Heimdal Security Blog. More than $11.1 million was lost as a result of these attacks, with the money […].

Scams

Scams Cybersecurity

Your Manager Forwarded You a New Email? Always Double-Check It

Heimadal Security

OCTOBER 5, 2022

In an effort to trick targets into handing over large sums of money, a Business Email Compromise (BEC) campaign uses an email thread that claims to have been forwarded by the manager. The post Your Manager Forwarded You a New Email? Always Double-Check It appeared first on Heimdal Security Blog.

Cybercrime

Cybercrime Cybersecurity

US sends million-dollar scammer to prison for four years

Graham Cluley

MARCH 29, 2023

31-year-old Solomon Ekunke Okpe, of Lagos, was a member of a gang that devised and executed a variety of scams - including business email compromise (BEC), romance scams, working-from-home scams, and more - between December 2011 and January 2017. Read more in my article on the Hot for Security blog.

Scams

Bitcoin Price Rise Makes Way for New Cyberattacks: BEC Attacks and Phishing Impersonations on the Carpet

Heimadal Security

JULY 6, 2021

An analysis from Baracuda Networks reveals that with the boost of the cryptocurrency popularity, threat actors thought it’s the proper time to launch some cyberattacks through BEC (business email compromise) and phishing impersonations in order to steal credentials that eventually […].

Phishing

Phishing Cryptocurrency Cybersecurity

Wall Street targeted by new Capital Call investment email scammers

The State of Security

MARCH 4, 2021

Business Email Compromise (BEC) scammers, who have made rich returns in recent years tricking organisations into transferring funds into their accounts, have found a new tactic which attempts to swindle Wall Street firms out of significantly larger amounts of money.

Accountability

FBI warns of fake CEO attacks taking place via video conferencing systems

Graham Cluley

FEBRUARY 21, 2022

The FBI has issued a warning that organisations should be on their guard against BEC (Business Email Compromise) attacks involving virtual meeting platforms. Read more in my article on the Hot for Security blog.

FBI: Food Shipments Are Now the New Targets of BEC Attacks

Heimadal Security

DECEMBER 19, 2022

A cybersecurity joint advisory issued by the Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) warns the Food & Agriculture sector of the emerging business email compromise (BEC) attacks on food shipments.

Cybersecurity

Top Managed EDR Benefits That Reduce Cybersecurity Risk

Heimadal Security

JUNE 26, 2023

During the past years, MDR services have demonstrated effectiveness against a variety of threats: ransomware, supply chain assaults, malware, data exfiltration, and Business Email Compromise (BEC), among others.

Risk

Risk Cybersecurity Ransomware Malware

Europol Shuts Down a Franco-Israeli CEO Fraud Group

Heimadal Security

FEBRUARY 20, 2023

The threat actors used business email compromise (BEC) attacks to steal money. Europol put an end to the operations of a Franco-Israeli CEO fraud group. This led to €38,000,000 stolen in just a few days from one organization.

Cybersecurity

What Are BEC Attacks?

Heimadal Security

MARCH 12, 2021

Otherwise known as BEC, Business e-mail compromise happens when an attacker hacks into a corporate e-mail account and impersonates the real owner with the sole purpose to defraud the company, its customers, partners and/or employees into sending money or sensitive data to the attacker’s account. The post What Are BEC Attacks?

Scams

Scams Accountability Hacking Authentication

Social Media Influencer Sentenced to 11 Years in Prison for Cyber Fraud

Heimadal Security

NOVEMBER 10, 2022

‘Ray Hushpuppi’, an Instagram celebrity, was sentenced to 11 years in jail for conspiring to launder tens of millions of dollars via business email compromise (BEC) scams and other cyber frauds.

Media

Media Scams Cybersecurity

The Rise of Business Email Compromise and How To Protect Your Organization

Security Boulevard

DECEMBER 4, 2023

Business Email Compromise (BEC) is rapidly emerging as one of the most financially damaging online crimes.

Scams

Scams Internet Internet Cybercrime

Homoglyph domains used in BEC scams shut down by Microsoft

Graham Cluley

JULY 22, 2021

17 domains used in Business Email Compromise (BEC) scams have been seized by Microsoft's Digital Crimes Unit (DCU), following an investigation by the software giant into attacks that could have stolen millions of dollars from innocent firms. Read more in my article on the Hot for Security blog.

Scams

Scams Software Phishing

Crimson Kingsnake Gang Uses BEC Attacks to Impersonate Law Firms

Heimadal Security

NOVEMBER 4, 2022

The group is making use of business email compromise (BEC) attacks and impersonates lawyers from well-known law firms, to trick recipients into approving invoices for overdue payment of services provided to the recipient a year ago. This strategy establishes a strong foundation for the BEC […].

Cybersecurity

VEC Attacker Uses '.cam' Domain in Scam to Garner $36M Payment

SecureWorld News

MARCH 23, 2023

Abnormal Security recently observed an attempted vendor email compromise (VEC) attack that sought to steal $36 million from the target. Abnormal's CISO, Mike Britton, wrote about the incident in a March 22nd blog post. " However, there are many times when a BEC email is sent from a trusted domain or a compromised vendor.

Scams

Scams Social Engineering Engineering Phishing

GUEST ESSAY: How to mitigate the latest, greatest phishing variant — spoofed QR codes

The Last Watchdog

NOVEMBER 6, 2023

Related: ‘BEC’ bilking on the rise These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information. Scans slip through These attacks are so successful because many traditional email security tools focus only on text-scanning, allowing image-based attacks to slip through.

Phishing

Phishing Scams Education Malware

Australians Have Spent AU$26.5m to Pay Scammers in 2020

Heimadal Security

JUNE 7, 2021

The Australians reported in 2020 losses to scams that totaled AU$851 million, with AU$128 million being lost to business email compromise (BEC), AU$8.4 to Pay Scammers in 2020 appeared first on Heimdal Security Blog. million classed as remote access scams, and AU$3.1 million a result of identity theft.

Identity Theft

Identity Theft Scams Cryptocurrency Cybersecurity

Microsoft warns of a large-scale BEC campaign to make gift card scam

Security Affairs

MAY 8, 2021

Microsoft is warning of a large-scale BEC campaign that targeted hundreds of organizations leveraging typo-squatted domains registered days before the attacks. The reports states that BEC/EAC crimes caused $1.8 Now Microsoft is warning of a large-scale BEC campaign that targeted more than 120 organizations with gift card scam.

Scams

Scams Manufacturing Security Intelligence Internet

Personal Cybersecurity Concerns for 2023

Security Through Education

JANUARY 18, 2023

Cybercrime doesn’t just affect big businesses and national governments. Cybercriminals usually impersonate well-known businesses or organizations. Business email compromise (BEC) attacks have been predicted to soar in 2023 according to Forbes Advisor. Update your software. Turn on automatic updates.

Cybersecurity

Cybersecurity Social Engineering Scams IoT

Trojan Spyware and BEC Attacks

Security Boulevard

MARCH 3, 2021

When it comes to an organization’s security, business email compromise ( BEC ) attacks are a big problem. Continue reading Trojan Spyware and BEC Attacks at Sucuri Blog. The post Trojan Spyware and BEC Attacks appeared first on Security Boulevard.

Spyware

Spyware Social Engineering Phishing Engineering

NEW TECH: How the emailing of verified company logos actually stands to fortify cybersecurity

The Last Watchdog

JULY 26, 2021

Related: Dangers of weaponized email. This happened rather quietly as Google announced the official launch of VMCs in a blog post on July 12. Henceforth companies will be able to insert their trademarked logos in Gmail’s avatar slot; many marketers can’t wait to distribute email carrying certified logos to billions of inboxes.

Marketing

Marketing Cybersecurity Phishing Authentication

Cybercriminals Use Azure Front Door in Phishing Attacks

Security Affairs

JUNE 21, 2022

The identified resources in one of the malicious campaigns impersonate various services appearing to be legitimately created on the “azurefd.net” domain – This allows the bad actors to trick users and spread phishing content to intercept credentials from business applications and e-mail accounts. click” and “.xyz” net – amazon-uk[.]azurefd[.]net.

Phishing

Phishing Accountability Hacking Scams

SlashNext Generative HumanAI Proactively Defends against Generative AI Attacks

Security Boulevard

MAY 1, 2023

Business email compromise (BEC) is a sophisticated form of cybercrime that involves the use of email to deceive and defraud businesses.

Cybercrime

Cybercrime Social Engineering Engineering Phishing

Security Roundup September 2023

BH Consulting

SEPTEMBER 14, 2023

Business Email Compromise: a scam on the rise Business email compromise (BEC) scams are raking in more cash for fraudsters, who are evolving their tactics to avoid detection. Trustwave said BEC incidents were up by 25 per cent in Q1 of this year compared to the same period in 2022.

Scams

Scams Passwords Social Engineering Cybersecurity

Why SMBs are Under Attack by Ransomware

Webroot

APRIL 13, 2021

Small and midsize businesses (SMBs) have become bigger financial targets for hackers. Business email compromise (BEC) is also on the rise. Businesses easily fall for these scams because, with so many invoices and payments occurring on a daily basis, it’s easy to slip a fake one in.

Ransomware

Ransomware DNS Firewall Security Awareness

Microsoft Warns of Surge in Token Theft, Bypassing MFA

eSecurity Planet

NOVEMBER 21, 2022

“By compromising and replaying a token issued to an identity that has already completed multifactor authentication, the threat actor satisfies the validation of MFA and access is granted to organizational resources accordingly,” the team wrote in a blog post. ” Read next: Top Password Managers.

Authentication

Authentication Phishing Password Management Accountability

Building a Cyber Resilient Business: The Protection Layer

Webroot

SEPTEMBER 7, 2023

Depending on the size of the business, one-third to two-thirds of businesses suffer malware attacks in any given year. In 2022, American businesses lost $10.3 The best way to weather these challenges is to become a cyber resilient business. And those attacks are costing companies a lot of money.

Encryption

Encryption Cyber Insurance Cybercrime Phishing

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

The Complete Guide to Business Email Compromise (BEC) and How to Prevent It

Webinars

Trending Sources

BEST PRACTICES: Blunting ‘BEC’ capers that continue to target, devastate SMBs and enterprises

Webinars

Mobile BEC Attacks on the Rise

Vendor Email Compromise (VEC) Explained

Microsoft reports jump in business email compromise activity

Best Practices for Endpoint Security in Healthcare Institutions

FBI: BEC Scammers Now Impersonate Construction Companies

Scammers Bypassed Office 365 MFA in BEC Attacks

US charges three men with six million dollar business email compromise plot

GUEST ESSAY: Why Microsoft Exchange users ‘must have’ robust data recovery policies, practices

$43 billion stolen through Business Email Compromise since 2016, reports FBI

How Important Is BEC Security For Your Company?

Three Men Accused to Have Participated in a Scheme to Launder the Profits of a BEC Attack

Microsoft Reveals Extensive Business Email Compromise Campaign

Five Types of Business Email Compromise Attacks and How to Prevent Them

Email Filters Duped by Tiny Font Size in BEC Phishing Attacks

10 Suspects Charged for BEC Scams Targeting Federal Funding Programs

Your Manager Forwarded You a New Email? Always Double-Check It

US sends million-dollar scammer to prison for four years

Bitcoin Price Rise Makes Way for New Cyberattacks: BEC Attacks and Phishing Impersonations on the Carpet

Wall Street targeted by new Capital Call investment email scammers

FBI warns of fake CEO attacks taking place via video conferencing systems

FBI: Food Shipments Are Now the New Targets of BEC Attacks

Top Managed EDR Benefits That Reduce Cybersecurity Risk

Europol Shuts Down a Franco-Israeli CEO Fraud Group

What Are BEC Attacks?

Social Media Influencer Sentenced to 11 Years in Prison for Cyber Fraud

The Rise of Business Email Compromise and How To Protect Your Organization

Homoglyph domains used in BEC scams shut down by Microsoft

Crimson Kingsnake Gang Uses BEC Attacks to Impersonate Law Firms

VEC Attacker Uses '.cam' Domain in Scam to Garner $36M Payment

GUEST ESSAY: How to mitigate the latest, greatest phishing variant — spoofed QR codes

Australians Have Spent AU$26.5m to Pay Scammers in 2020

Microsoft warns of a large-scale BEC campaign to make gift card scam

Personal Cybersecurity Concerns for 2023

Trojan Spyware and BEC Attacks

NEW TECH: How the emailing of verified company logos actually stands to fortify cybersecurity

Cybercriminals Use Azure Front Door in Phishing Attacks

SlashNext Generative HumanAI Proactively Defends against Generative AI Attacks

Security Roundup September 2023

Why SMBs are Under Attack by Ransomware

Microsoft Warns of Surge in Token Theft, Bypassing MFA

Building a Cyber Resilient Business: The Protection Layer

Stay Connected