Security Awareness Training Blog

CEO Fraud Blog

News about the latest CEO fraud attacks. See how the bad guys actually do this and how much money companies lose to this type of scam.

Cybercriminal Gang Targeting SMBs Using Business Email Compromise

Researchers at Todyl have published a report on a major cybercriminal group that’s conducting business email compromise (BEC) attacks against small and medium-sized businesses. Todyl ...
Continue Reading

7 in 10 Organizations Experienced a Business Email Compromise Attack in the Last 12 Months

Despite ransomware getting the lion’s share of the tech pub headlines, business email compromise (BEC) attacks are alive and well… and having a material impact.
Continue Reading

Americans Lose a Record $10 Billion to Fraud in 2023; Mostly Due To Investment Scams

The US Federal Trade Commission (FTC) has disclosed that people in the United States lost a record $10 billion to fraud in 2023, a 14% increase from 2022. Nearly half of the losses were ...
Continue Reading

[Cybersecurity Awareness Month] Spoofy Steve's Business Email Compromise Scams You Need to Watch Out For

Like a ghost, most business email compromise (BEC) scams are able to sneak through most technical defenses and end up in end-user inboxes.
Continue Reading

Top 10 Trends in Business Email Compromise for 2023

Researchers at Trustwave have published a report outlining trends in business email compromise (BEC) attacks, finding that these attacks spiked in February of 2023.
Continue Reading

Business Email Compromise Now Has a $50 Billion Price Tag

The latest data from the FBI’s Internet Crime Complaint Center (IC3) ups the estimate for the cost of losses and exposure through business email compromise (BEC) attacks from 2013 through ...
Continue Reading

New Report Shows Social Engineering and Business Email Compromise Attacks Have Drastically Increased in 2023

Email-based social engineering attacks have risen by 464% this year compared to the first half of 2022, according to a report by Acronis. Business email compromise (BEC) attacks have also ...
Continue Reading

New Social Engineering Tactic Uses PDFs in Business Email Compromise Attacks

Legitimate services can be exploited in social engineering, including business email compromise (BEC) attacks.  Researchers at Check Point describe one current BEC campaign that’s using ...
Continue Reading

Microsoft Describes a Sophisticated Phishing Campaign that Targeted Several Financial Organizations

Microsoft describes a sophisticated phishing campaign that targeted several financial organizations.
Continue Reading

[Microsoft Warning] A 38% Spike In Business Email Compromise with new Cybercrime-as-a-Service

Microsoft has observed a thirty-eight percent increase in cybercrime-as-a-service (CaaS) offerings for launching business email compromise (BEC) attacks between 2019 and 2022.
Continue Reading

Business Email Compromise and “Confidential” Mergers and Acquisitions

A newly identified criminal organization has been observed running a large number of business email compromise (BEC) scams. Since February 2021, Abnormal Security reports the gang has ...
Continue Reading

Response-Based Business Email Compromise Contributes to 97% of Attacks

The malwareless and seemingly benign nature of business email compromise emails, mixed with impersonation techniques, are difficult to spot as being malicious, making them even more ...
Continue Reading

FBI: Business Email Compromise Attacks Are Being Used to Make Bulk Goods Purchases from Vendors

A new public service announcement focuses on a specific form of BEC attack using little more than a spoofed domain and common vendor payment practices to steal hardware, supplies and more.
Continue Reading

Australian Police Arrest Business Email Compromise (BEC) Operators

The Australian Federal Police (AFP) have arrested four alleged members of an organized crime group known for carrying out business email compromise (BEC) attacks, BleepingComputer ...
Continue Reading

The FBI's Public Service Warning of Business Email Compromise

The US FBI is warning of business email compromise (BEC) attacks designed to steal physical goods. While BEC attacks are typically associated with stealing money, criminals can use the ...
Continue Reading

Report Shows Business Email Compromise (BEC) Attacks Increase and Phishing Used as Initial Attack Vector in the Last Year

Secureworks has published a report looking at cybercrime over the course of 2022, finding that business email compromise (BEC) attacks nearly doubled last year. Additionally, attacks in ...
Continue Reading

Microsoft Warns of Business Email Compromise Attacks Taking Hours

According to Microsoft's Security Intelligence team, a recent business email compromise attack (BEC) has shown that threat actors are quickening the pace of these attacks, with certain ...
Continue Reading

Executive Impersonation Business Email Compromise Attacks Go Beyond English Worldwide

Despite hearing mostly about BEC attacks in English-speaking countries, analysis of new attack groups highlight the threat of these kinds of attacks in other languages.
Continue Reading

Business Email Compromise Gang Gets Jail Time for Stealing Millions

An international cybercriminal operation responsible for millions of dollars in business email compromise (BEC) scams has finally been dismantled.
Continue Reading

28% of Users Open BEC Emails as BEC Attack Volume Skyrockets by 178%

New data shows users aren’t scrutinizing emails used in business email compromise (BEC) attacks, allowing critical changes in banking details that would impact the victim's organization ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews