Security Awareness Training Blog

CEO Fraud Blog

News about the latest CEO fraud attacks. See how the bad guys actually do this and how much money companies lose to this type of scam.

Cannabis Company Loses Millions in BEC Scam

Australian medicinal cannabis company Cann Group has lost $3.6 million in a business email compromise (BEC) attack, Stockhead reports. The company had thought it was paying an unnamed ...
Continue Reading

BEC Attacks Nearly Doubled in 2020

A new report from Barracuda Networks found that business email compromise (BEC) attacks have nearly doubled over the past year. These attacks made up 12% of all spear phishing attacks in ...
Continue Reading

Data Breaches Are Expected to Decline While Ransomware and BEC Gain Steam

A new report from the Identity Theft Research Center discusses which cybersecurity attacks will be most impactful next year as part of the ITRC’s 2021 predictions.
Continue Reading

BEC Scam Litigation Demonstrates How Your Company Can Be Out $500,000

The case of Arrow Truck Sales Inc. v. Top Quality Truck & Equipment tells a familiar tale, but provides insight into how the law interprets cases and who’s at fault.
Continue Reading

[HEADS UP] FBI Warns US Companies of BEC Scammers

The Federal Bureau Investigation is issuing warnings to US companies that are taking advantage of email auto-forwarding. If successful, this would fall right into the trap of a business ...
Continue Reading

[Heads-Up] A Hacker Is Selling Access To The Email Accounts Of Hundreds Of C-Level Executives

ZDNet's Zero Day column just reported one of the best reasons why you should step your users through new-school security awareness training yet:
Continue Reading

Will You Get Spoofed for the Holidays? Find out for a Chance to WIN!

Are you aware that one of the first things hackers try is to see if they can spoof the email address of someone in your own domain?
Continue Reading

BEC Incidents Intent on Invoice or Payment Fraud Increase 155% Across All Industries

Business Email Compromise appears to be back in the saddle again, as attackers use simple social engineering and domain impersonation to trick victims into paying up.
Continue Reading

Fraud Attacks Targeting the Mid-Market Organization Increase 129%

New data from U.K. cyberinsurer Beazley highlights the growing trend of mid-market organizations being the target of social engineering attacks and fraud.
Continue Reading

The Geography of Business Email Compromise

Researchers at Agari have released a report on the global distribution of business email compromise (BEC) actors, and determined that 25% of these criminals are operating from within the ...
Continue Reading

Threat Actors Take Advantage of Exchange Online and Outlook on the Web with New Levels of Sophistication

New insight from Accenture Security highlights specific ways attackers are changing their tactics to make Microsoft’s email platform a tool rather than an obstacle for phishing attacks.
Continue Reading

An Autopsy of a $15 Million Heist

A company in the US lost $15 million in a two-month-long business email compromise scam, BleepingComputer reports. Researchers at Mitiga who investigated the attack told BleepingComputer ...
Continue Reading

New Office 365 Phishing Attack Checks Your Stolen Credentials in Real-Time

Nothing says the bad guys are intent on stealing credentials like testing them while you participate in their phishing attack so they can verify the validity before letting you off the ...
Continue Reading

Funds Transfer Fraud Has Increased 35% Since the Onset of COVID-19

With reported losses from thousands of dollars to well over $1 million, funds transfer fraud represents 27% of cyber insurance claims in 2020.
Continue Reading

Business Email Compromise attacks increase 67% Leading to Fraud, Ransomware, and Data Breaches

Involved in 60% of cybersecurity insurance claims, Business Email Compromise (BEC) is growing in interest by cybercriminals as the initial malicious action as part of a larger attack.
Continue Reading

CEO Fraud Wire Transfer Losses Soar 48% in Q2 2020

Business email compromise attacks—aka CEO Fraud— have taken shape this year, and according to Agari wire transfer losses have significantly increased by 48% in Q2 2020. The average losses ...
Continue Reading

Cybercriminals Target Execs in Microsoft 365 Credential Attack to Launch Internal BEC Scams

A new phishing attack spotted in the wild by security researchers at Trend Micro demonstrates how compromised data in an initial cyberattack is purposed in subsequent attacks.
Continue Reading

Legitimate Accounts for Illegitimate Business Email Compromise

Cybercriminals frequently use email accounts from legitimate services like Gmail to carry out business email compromise (BEC) attacks, Help Net Security reports. Researchers at Barracuda ...
Continue Reading

BEC is the Largest Cyber Threat to UK Sports Entities

The UK’s National Cyber Security Centre (NCSC) released a new report revealing that sports organizations are more than twice as likely to suffer a cyberattack than organizations in other ...
Continue Reading

Business Email Compromise Attacks Focused on Invoice Fraud Surge by 75%

As attacks on the C-Suite decline, new data shows that employees in finance department roles are critical to the success of shifts in attack campaign strategy.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews