[HEADS UP] FBI Warns US Companies of BEC Scammers

Dec 1, 2020 1:49:29 PM By Stu Sjouwerman

The Federal Bureau Investigation is issuing warnings to US companies that are taking advantage of email auto-forwarding. If successful, this would fall right into the trap of a business ...

[Heads-Up] A Hacker Is Selling Access To The Email Accounts Of Hundreds Of C-Level Executives

Nov 27, 2020 11:52:05 AM By Stu Sjouwerman

ZDNet's Zero Day column just reported one of the best reasons why you should step your users through new-school security awareness training yet:

BEC Incidents Intent on Invoice or Payment Fraud Increase 155% Across All Industries

Nov 10, 2020 8:29:59 AM By Stu Sjouwerman

Business Email Compromise appears to be back in the saddle again, as attackers use simple social engineering and domain impersonation to trick victims into paying up.

Fraud Attacks Targeting the Mid-Market Organization Increase 129%

Oct 28, 2020 8:29:07 AM By Stu Sjouwerman

New data from U.K. cyberinsurer Beazley highlights the growing trend of mid-market organizations being the target of social engineering attacks and fraud.

The Geography of Business Email Compromise

Oct 20, 2020 8:35:05 AM By Stu Sjouwerman

Researchers at Agari have released a report on the global distribution of business email compromise (BEC) actors, and determined that 25% of these criminals are operating from within the ...

Threat Actors Take Advantage of Exchange Online and Outlook on the Web with New Levels of Sophistication

Oct 20, 2020 8:29:36 AM By Stu Sjouwerman

New insight from Accenture Security highlights specific ways attackers are changing their tactics to make Microsoft’s email platform a tool rather than an obstacle for phishing attacks.

An Autopsy of a $15 Million Heist

Oct 8, 2020 11:33:12 AM By Stu Sjouwerman

A company in the US lost $15 million in a two-month-long business email compromise scam, BleepingComputer reports. Researchers at Mitiga who investigated the attack told BleepingComputer ...

New Office 365 Phishing Attack Checks Your Stolen Credentials in Real-Time

Oct 7, 2020 10:06:20 AM By Stu Sjouwerman

Nothing says the bad guys are intent on stealing credentials like testing them while you participate in their phishing attack so they can verify the validity before letting you off the ...

Funds Transfer Fraud Has Increased 35% Since the Onset of COVID-19

Sep 14, 2020 10:49:30 AM By Stu Sjouwerman

With reported losses from thousands of dollars to well over $1 million, funds transfer fraud represents 27% of cyber insurance claims in 2020.

Business Email Compromise attacks increase 67% Leading to Fraud, Ransomware, and Data Breaches

Sep 14, 2020 10:34:13 AM By Stu Sjouwerman

Involved in 60% of cybersecurity insurance claims, Business Email Compromise (BEC) is growing in interest by cybercriminals as the initial malicious action as part of a larger attack.

CEO Fraud Wire Transfer Losses Soar 48% in Q2 2020

Sep 1, 2020 10:39:48 AM By Stu Sjouwerman

Business email compromise attacks—aka CEO Fraud— have taken shape this year, and according to Agari wire transfer losses have significantly increased by 48% in Q2 2020. The average losses ...

Cybercriminals Target Execs in Microsoft 365 Credential Attack to Launch Internal BEC Scams

Aug 11, 2020 9:30:40 AM By Stu Sjouwerman

A new phishing attack spotted in the wild by security researchers at Trend Micro demonstrates how compromised data in an initial cyberattack is purposed in subsequent attacks.

Legitimate Accounts for Illegitimate Business Email Compromise

Aug 11, 2020 8:28:12 AM By Stu Sjouwerman

Cybercriminals frequently use email accounts from legitimate services like Gmail to carry out business email compromise (BEC) attacks, Help Net Security reports. Researchers at Barracuda ...

BEC is the Largest Cyber Threat to UK Sports Entities

Jul 24, 2020 8:55:13 AM By Stu Sjouwerman

The UK’s National Cyber Security Centre (NCSC) released a new report revealing that sports organizations are more than twice as likely to suffer a cyberattack than organizations in other ...

Business Email Compromise Attacks Focused on Invoice Fraud Surge by 75%

Jul 2, 2020 9:59:40 PM By Stu Sjouwerman

As attacks on the C-Suite decline, new data shows that employees in finance department roles are critical to the success of shifts in attack campaign strategy.

BEC Isn't Back; It Never Left

Jun 16, 2020 8:27:32 AM By Stu Sjouwerman

Business email compromise (BEC) attacks aren’t new, but they’re growing increasingly effective, according to Zeljka Zorz at Help Net Security. Zorz cites an article from BakerHostetler, ...

Why BEC Punches Above Its Weight

Jun 9, 2020 8:27:09 AM By Stu Sjouwerman

Business email compromise (BEC) attacks are particularly insidious because they don’t use malware payloads or malicious URLs. That’s a reminder from Evan Reiser, CEO and co-founder of ...

What to do About BEC?

May 28, 2020 8:23:39 AM By Stu Sjouwerman

Funds transfer fraud, also known as business email compromise (BEC), is a much more widespread problem than it seems, according to lawyers at Ice Miller LLP. The attorneys believe this ...

Cloud-based Business Email Compromise

Apr 8, 2020 8:27:11 AM By Stu Sjouwerman

The FBI’s Internet Crime Complaint Center (IC3) published an alert warning that criminals are exploiting cloud-based email services to carry out business email compromise (BEC) attacks. ...

New Sophisticated “Exaggerated Lion” BEC Check Scam Uses Mules to Cash Out

Mar 3, 2020 8:36:45 AM By Stu Sjouwerman

You may wonder exactly how BEC scammers see a payday. New insight from security vendor Agari documents how a secondary check scam dupes unsuspecting victims to help.

Security Awareness Training Blog

CEO Fraud Blog

View Topics