Huntress has released a report finding that business email compromise (BEC) attacks rose in the third quarter of 2023.
“64% of identity-focused incidents in Q3 2023 involved malicious forwarding or other malicious inbox rules, a key indicator of business email compromise (BEC),” the researchers write. “Another 24% of identity-focused incidents involved logins from unusual or suspicious locations. Now favored as an intrusion vector, identity-based attacks are on the rise with threat actors targeting cloud services to steal identifying information or break into business emails.”
The researchers have also observed a shift in phishing tactics as threat actors adapt to Microsoft’s measures to prevent malware delivery via malicious attachments.
“Phishing and end-user targeting remain common and widespread tactics for threat actors ranging from ransomware affiliates to BEC operators,” the researchers write.
“Yet the nature of such phishing has shifted significantly since Microsoft disabled macro execution by default in Microsoft Office as well as earlier ‘Mark of the Web’ security controls implemented for Visual Basic for Applications (VBA) scripts. As a result, adversaries continue to look for new payload mechanisms to deliver malicious content to end users. Interestingly, many of these methods require significant user interaction for successful execution. Huntress observes this trend with payloads landing on victim machines such as ZIP or ISO archives containing malicious LNK or scripting objects, requiring multiple interactions from victims from initial delivery to execution.”
The researchers conclude, “[A] common theme across multiple examples, whether socially engineering users to run a file or spoofing identities to generate a BEC attempt, is the subversion of user trust. Adversaries know that users face significant hurdles in their day-to-day jobs and often rely on implicit trust in systems or other persons to effectively carry out tasks. Security awareness training and user education can work to inform end users of the risks inherent in current processes and tasks, while managers and other leaders should look to build more resilient processes to combat adversary attempts to abuse existing functional pathways.”
Huntress has the story.