Security Awareness Training Blog

CEO Fraud Blog

News about the latest CEO fraud attacks. See how the bad guys actually do this and how much money companies lose to this type of scam.

View Topics

[Cybersecurity Awareness Month] Spoofy Steve's Business Email Compromise Scams You Need to Watch Out For

Oct 4, 2023 9:13:04 AM By Roger Grimes
Like a ghost, most business email compromise (BEC) scams are able to sneak through most technical defenses and end up in end-user inboxes.
Continue Reading

Top 10 Trends in Business Email Compromise for 2023

Aug 28, 2023 8:46:11 AM By Stu Sjouwerman
Researchers at Trustwave have published a report outlining trends in business email compromise (BEC) attacks, finding that these attacks spiked in February of 2023.
Continue Reading

Business Email Compromise Now Has a $50 Billion Price Tag

Jul 20, 2023 3:25:36 PM By Stu Sjouwerman
The latest data from the FBI’s Internet Crime Complaint Center (IC3) ups the estimate for the cost of losses and exposure through business email compromise (BEC) attacks from 2013 through ...
Continue Reading

New Report Shows Social Engineering and Business Email Compromise Attacks Have Drastically Increased in 2023

Jul 6, 2023 8:45:53 AM By Stu Sjouwerman
Email-based social engineering attacks have risen by 464% this year compared to the first half of 2022, according to a report by Acronis. Business email compromise (BEC) attacks have also ...
Continue Reading

New Social Engineering Tactic Uses PDFs in Business Email Compromise Attacks

Jun 20, 2023 8:46:31 AM By Stu Sjouwerman
Legitimate services can be exploited in social engineering, including business email compromise (BEC) attacks.  Researchers at Check Point describe one current BEC campaign that’s using ...
Continue Reading

Microsoft Describes a Sophisticated Phishing Campaign that Targeted Several Financial Organizations

Jun 13, 2023 9:56:43 AM By Stu Sjouwerman
Microsoft describes a sophisticated phishing campaign that targeted several financial organizations.
Continue Reading

[Microsoft Warning] A 38% Spike In Business Email Compromise with new Cybercrime-as-a-Service

May 23, 2023 8:50:06 AM By Stu Sjouwerman
Microsoft has observed a thirty-eight percent increase in cybercrime-as-a-service (CaaS) offerings for launching business email compromise (BEC) attacks between 2019 and 2022.
Continue Reading

Business Email Compromise and “Confidential” Mergers and Acquisitions

May 10, 2023 10:07:25 AM By Stu Sjouwerman
A newly identified criminal organization has been observed running a large number of business email compromise (BEC) scams. Since February 2021, Abnormal Security reports the gang has ...
Continue Reading

Response-Based Business Email Compromise Contributes to 97% of Attacks

May 4, 2023 8:39:58 AM By Stu Sjouwerman
The malwareless and seemingly benign nature of business email compromise emails, mixed with impersonation techniques, are difficult to spot as being malicious, making them even more ...
Continue Reading

FBI: Business Email Compromise Attacks Are Being Used to Make Bulk Goods Purchases from Vendors

Apr 6, 2023 8:33:35 AM By Stu Sjouwerman
A new public service announcement focuses on a specific form of BEC attack using little more than a spoofed domain and common vendor payment practices to steal hardware, supplies and more.
Continue Reading

Australian Police Arrest Business Email Compromise (BEC) Operators

Mar 29, 2023 8:43:18 AM By Stu Sjouwerman
The Australian Federal Police (AFP) have arrested four alleged members of an organized crime group known for carrying out business email compromise (BEC) attacks, BleepingComputer ...
Continue Reading

The FBI's Public Service Warning of Business Email Compromise

Mar 29, 2023 8:01:52 AM By Stu Sjouwerman
The US FBI is warning of business email compromise (BEC) attacks designed to steal physical goods. While BEC attacks are typically associated with stealing money, criminals can use the ...
Continue Reading

Report Shows Business Email Compromise (BEC) Attacks Increase and Phishing Used as Initial Attack Vector in the Last Year

Mar 20, 2023 10:08:42 AM By Stu Sjouwerman
Secureworks has published a report looking at cybercrime over the course of 2022, finding that business email compromise (BEC) attacks nearly doubled last year. Additionally, attacks in ...
Continue Reading

Microsoft Warns of Business Email Compromise Attacks Taking Hours

Mar 13, 2023 1:13:45 PM By Stu Sjouwerman
According to Microsoft's Security Intelligence team, a recent business email compromise attack (BEC) has shown that threat actors are quickening the pace of these attacks, with certain ...
Continue Reading

Executive Impersonation Business Email Compromise Attacks Go Beyond English Worldwide

Mar 6, 2023 9:09:47 AM By Stu Sjouwerman
Despite hearing mostly about BEC attacks in English-speaking countries, analysis of new attack groups highlight the threat of these kinds of attacks in other languages.
Continue Reading

Business Email Compromise Gang Gets Jail Time for Stealing Millions

Feb 28, 2023 11:52:14 AM By Stu Sjouwerman
An international cybercriminal operation responsible for millions of dollars in business email compromise (BEC) scams has finally been dismantled.
Continue Reading

28% of Users Open BEC Emails as BEC Attack Volume Skyrockets by 178%

Feb 23, 2023 11:27:44 AM By Stu Sjouwerman
New data shows users aren’t scrutinizing emails used in business email compromise (BEC) attacks, allowing critical changes in banking details that would impact the victim's organization ...
Continue Reading

Do Not Let Ransomware Steal the Show – Business Email Compromise Is the Biggest Threat You Must Prepare For!

Feb 21, 2023 10:12:12 AM By Javvad Malik
When it comes to cybersecurity, ransomware is the rockstar of threats. But taking a peek behind the curtain, business email compromise (BEC) causes huge financial losses.
Continue Reading

A Special Case of Business Email Compromise

Feb 21, 2023 9:12:41 AM By Stu Sjouwerman
Cloudflare warns that business email compromise (BEC) phishing has assumed a new form: vendor email compromise (VEC). The classic BEC case involves the impersonation of someone within an ...
Continue Reading

BEC Group Launches Hundreds of Campaigns

Feb 2, 2023 9:14:15 AM By Stu Sjouwerman
A business email compromise (BEC) gang has launched more than 350 attacks against organizations in the US, according to researchers at Abnormal Security. The threat actor, which Abnormal ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews