Security Awareness Training Blog

CEO Fraud Blog

News about the latest CEO fraud attacks. See how the bad guys actually do this and how much money companies lose to this type of scam.

View Topics

New Business Email Compromise Gang Impersonates Lawyers

Nov 7, 2022 10:23:46 AM By Stu Sjouwerman
A criminal gang is launching business email compromise (BEC) attacks by posing as “real attorneys, law firms, and debt recovery services.” The attackers send legitimate-looking invoices ...
Continue Reading

Cybercriminal Gets 25 Years Prison Time Over Romance Scams and Business Email Compromise Attacks

Oct 6, 2022 8:56:35 AM By Stu Sjouwerman
A man from Atlanta, Georgia has been convicted of running romance scams and business email compromise attacks that netted him over $9.5 million, the US Justice Department has announced.
Continue Reading

Vendor Impersonation Competing with CEO Fraud

Jun 23, 2022 9:09:21 AM By Stu Sjouwerman
Researchers at Abnormal Security have observed an increase in vendor impersonation in business email compromise (BEC) attacks.
Continue Reading

Think BEC Won’t Cost You Much? How Does $130 Million Sound?

May 13, 2022 8:05:12 AM By Stu Sjouwerman
A new lawsuit brings to light the all-too common occurrence of an attack, with this occurring during a business acquisition and costing the buyer more than they bargained for.
Continue Reading

Business Email Compromise Shouldn’t Be the Cost of Doing Business

May 9, 2022 9:11:25 AM By Stu Sjouwerman
The FBI last week published a public service announcement updating its warnings about the continuing threat of business email compromise (BEC, also called CEO fraud). The problem has ...
Continue Reading

Business Email Compromise (BEC): the Costliest Cybercrime

Apr 12, 2022 8:52:35 AM By Stu Sjouwerman
Organizations in the US lost $2.4 billion to business email compromise (BEC) scams (also known as CEO fraud) last year, according to Alan Suderman at Fortune.
Continue Reading

Cost of Internet Crimes in 2021 Increase 64% Exceeding $6.9 Billion

Mar 31, 2022 11:52:17 AM By Stu Sjouwerman
New data from the FBI’s Internet Crime Complaint Center (IC3) shows a massive increase in the cost of internet crimes, with phishing and BEC topping the list.
Continue Reading

FBI: Scammers Take Business Email Compromise Attacks to Virtual Meeting Platforms

Mar 4, 2022 8:34:12 AM By Stu Sjouwerman
In a new twist on an old scam, BEC attacks switch from email to a virtual meeting where social engineering tactics are used to further establish credibility and increase the likelihood of ...
Continue Reading

Business Email Compromise Attack Leads to Millions in Non-Profit Loss

Jan 11, 2022 9:52:45 AM By Stu Sjouwerman
A business email compromise attack at Illinois’s Office of the Special Deputy Receiver led to a loss of $6.85 million, Ray Long at the Chicago Tribune reports. Long describes the Office ...
Continue Reading

Business Email Compromise-as-a-Service Emerges as Attempted Fraud Soars to as High as $6 Million

Nov 9, 2021 1:38:26 PM By Stu Sjouwerman
BEC scammers set their sights on payoffs in the millions of dollars, and are following the path of their ransomware counterparts by evolving services while organizations struggle to keep ...
Continue Reading

Ex-Bank of America Employee Charged with Business Email Compromise Money Laundering

Oct 19, 2021 8:21:16 AM By Stu Sjouwerman
A three-person team – including a personal banker at Bank of America – have been indicted for reportedly being behind a BEC scam that took 5 companies for over $1.1 Million.
Continue Reading

U.K. Authorized Push Payment Scams Jump 71% in First Half of 2021, Taking in £355 Million

Oct 8, 2021 9:09:44 AM By Stu Sjouwerman
Surpassing credit card fraud in the U.K., scamming victims into sending money to a fraudulent bank account has taken the lead spot in fraud scams that could cost U.K. residents more than ...
Continue Reading

5th Circuit Court Finds Cyber Insurer Must Pay for $1 Million Social Engineering Attack

Sep 30, 2021 8:19:24 AM By Stu Sjouwerman
A simple social engineered Business Email Compromise attack resulted in fraud that the cyber insurer contended was not covered under the policy.
Continue Reading

Enterprise Organizations Have as Much as an 85% Chance of Receiving a BEC Attack Every Week

Sep 16, 2021 2:07:40 PM By Stu Sjouwerman
Business Email Compromise is a multi-billion dollar business, representing 43% of all cybercrime last year. Despite it being dwarfed in the news by ransomware, it represents a growing ...
Continue Reading

Business Email Compromise Scam takes New Hampshire Town for $2.3 Million

Sep 13, 2021 11:39:52 AM By Stu Sjouwerman
Social engineering is at the heart of this attack, where scammers successfully tricked a town into redirecting not just one but several bank transfers.
Continue Reading

BEC, Fraud, and Ransomware Attacks Are All on the Rise and Costing More Than Ever

Sep 8, 2021 4:05:54 PM By Stu Sjouwerman
New data from cyber insurer Coalition puts the spotlight on not only how much worse attacks are getting, but claim data paints the picture that organizations just aren’t ready.
Continue Reading

Email-Based Cyberattacks Double Between January and June

Sep 3, 2021 8:19:41 AM By Stu Sjouwerman
Over 2.9 Billion email-based threats were detected in the first half of 2021. Business Email Compromise, obfuscation, and living off the land reigned, according to new data from Zix.
Continue Reading

BEC and the Underworld's Resources

Sep 2, 2021 8:47:27 AM By Stu Sjouwerman
Researchers at Intel 471 have observed cybercriminals outsourcing talent for business email compromise (BEC) attacks. This tactic lowers the bar of entry for BEC attacks, which are ...
Continue Reading

BEC Attacks Are Targeting Lower-Level Employees

Aug 5, 2021 8:48:30 AM By Stu Sjouwerman
A new report from Barracuda found that most business email compromise (BEC) attacks are now targeting employees who aren’t in executive or financial roles.
Continue Reading

Microsoft Takes Down Homoglyph Domains

Jul 22, 2021 10:44:51 AM By Stu Sjouwerman
Microsoft has taken legal action to shut down eighteen domains that were being used in business email compromise (BEC) attacks. The sites in question used homoglyphs to impersonate ...
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews