Security Awareness Training Blog

CEO Fraud Blog

News about the latest CEO fraud attacks. See how the bad guys actually do this and how much money companies lose to this type of scam.

View Topics

Ex-Bank of America Employee Charged with Business Email Compromise Money Laundering

Oct 19, 2021 8:21:16 AM By Stu Sjouwerman
A three-person team – including a personal banker at Bank of America – have been indicted for reportedly being behind a BEC scam that took 5 companies for over $1.1 Million.
Continue Reading

U.K. Authorized Push Payment Scams Jump 71% in First Half of 2021, Taking in £355 Million

Oct 8, 2021 9:09:44 AM By Stu Sjouwerman
Surpassing credit card fraud in the U.K., scamming victims into sending money to a fraudulent bank account has taken the lead spot in fraud scams that could cost U.K. residents more than ...
Continue Reading

5th Circuit Court Finds Cyber Insurer Must Pay for $1 Million Social Engineering Attack

Sep 30, 2021 8:19:24 AM By Stu Sjouwerman
A simple social engineered Business Email Compromise attack resulted in fraud that the cyber insurer contended was not covered under the policy.
Continue Reading

Enterprise Organizations Have as Much as an 85% Chance of Receiving a BEC Attack Every Week

Sep 16, 2021 2:07:40 PM By Stu Sjouwerman
Business Email Compromise is a multi-billion dollar business, representing 43% of all cybercrime last year. Despite it being dwarfed in the news by ransomware, it represents a growing ...
Continue Reading

Business Email Compromise Scam takes New Hampshire Town for $2.3 Million

Sep 13, 2021 11:39:52 AM By Stu Sjouwerman
Social engineering is at the heart of this attack, where scammers successfully tricked a town into redirecting not just one but several bank transfers.
Continue Reading

BEC, Fraud, and Ransomware Attacks Are All on the Rise and Costing More Than Ever

Sep 8, 2021 4:05:54 PM By Stu Sjouwerman
New data from cyber insurer Coalition puts the spotlight on not only how much worse attacks are getting, but claim data paints the picture that organizations just aren’t ready.
Continue Reading

Email-Based Cyberattacks Double Between January and June

Sep 3, 2021 8:19:41 AM By Stu Sjouwerman
Over 2.9 Billion email-based threats were detected in the first half of 2021. Business Email Compromise, obfuscation, and living off the land reigned, according to new data from Zix.
Continue Reading

BEC and the Underworld's Resources

Sep 2, 2021 8:47:27 AM By Stu Sjouwerman
Researchers at Intel 471 have observed cybercriminals outsourcing talent for business email compromise (BEC) attacks. This tactic lowers the bar of entry for BEC attacks, which are ...
Continue Reading

BEC Attacks Are Targeting Lower-Level Employees

Aug 5, 2021 8:48:30 AM By Stu Sjouwerman
A new report from Barracuda found that most business email compromise (BEC) attacks are now targeting employees who aren’t in executive or financial roles.
Continue Reading

Microsoft Takes Down Homoglyph Domains

Jul 22, 2021 10:44:51 AM By Stu Sjouwerman
Microsoft has taken legal action to shut down eighteen domains that were being used in business email compromise (BEC) attacks. The sites in question used homoglyphs to impersonate ...
Continue Reading

Spear Phishing Impersonation Attacks Take on New Tactics to Become More Convincing and Effective

Jun 30, 2021 4:31:09 PM By Stu Sjouwerman
As part of Business Email Compromise attacks, spear phishing now plays a material role, with impersonation sitting firmly at the core of their social engineering tactics… in more ways ...
Continue Reading

Business Email Compromise Attacks Are Evolving, Becoming More Convincing and More Expensive

May 28, 2021 9:51:22 AM By Stu Sjouwerman
The “business” of BEC is becoming increasingly more lucrative for cybercriminals, as they develop new ways to defraud individuals and organizations of their money.
Continue Reading

A Popular Fraud Combo is Back: Elon Musk and Bitcoin

May 26, 2021 1:56:37 PM By Stu Sjouwerman
Researchers at Bitdefender warn that cybercriminals continue to impersonate Elon Musk in Bitcoin scams. One campaign that started on May 15 involved sending thousands of emails telling ...
Continue Reading

Wine-Themed Phishing Attacks Have Turned Sour During the Pandemic

May 11, 2021 12:45:30 PM By Stu Sjouwerman
Scammers took advantage of people’s desire to order wine online during the pandemic, Decanter reports. Researchers at Recorded Future disclosed in a recent report that wine-related ...
Continue Reading

Huge Business Email Compromise Campaign Targets More Than 120 Organizations

May 11, 2021 12:00:00 PM By Stu Sjouwerman
According to Bleeping Computer, Microsoft reported that a large business email compromise (BEC) campaign has targeted dozens of organizations. The industries targeted varied from real ...
Continue Reading

Cybercrime Skyrocketed in the US by 55%

Apr 1, 2021 8:58:39 AM By Stu Sjouwerman
According to data released by StockApps, the annual loss from any type of cybercrime in the US reached $4.2 billion in 2020. This turns into billions of dollars lost, and a 55% increase ...
Continue Reading

Another Tax Season, Another Opportunity for Scams

Mar 18, 2021 9:30:45 AM By Erich Kron
It’s the start of tax season. This is the time of year when we collect our receipts and tax forms and hope for a nice big refund from the U.S. government. Unfortunately, cybercriminals ...
Continue Reading

[On-Demand Webinar] Avoiding Business Email Compromise Phishing Scams During Tax Season

Mar 15, 2021 8:00:00 AM By Stu Sjouwerman
Taxes are unavoidable, and unfortunately, so are the annual tax-related phishing scams. This year, with the COVID-19 pandemic continuing to keep people working from home, cybercriminals ...
Continue Reading

Think Your Cyber Insurance is Going to Cover that $6 Million in Cyber Fraud? Think Again.

Mar 5, 2021 4:05:06 PM By Stu Sjouwerman
The latest tale of an organization falling victim to a business email compromise attack on their credit card processor highlights how very specific the scenario needs to be to see a ...
Continue Reading

1 in 4 Business Email Compromise Attacks Use Lookalike Domains to Trick Victims

Mar 5, 2021 4:02:18 PM By Stu Sjouwerman
The latest Data on BEC scams shows how the bad guys are using a mix of gmail accounts, increases in stolen wire transfers, and a shift to payroll diversions to trick you out of your money.
Continue Reading
Subscribe

Search Our Blog


Cybersecurity Awareness Month Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews