01 Jul 2021

Impersonation Becomes Top Phishing Technique

New research by Avanan reveals that impersonation and credential harvesting attacks are the most common among phishing attackers this year. Avanan’s 2021 Global Phish Cyber Attack Report found that credential harvesting is used in over half of all phishing attacks, up nearly 15% since 2019. Researchers at Avanan also found

Read More
04 Feb 2021

Microsoft Sees Spike in BEC Attacks Targeting Schools

On Tuesday, Microsoft published a series of posts to Twitter warning of a visible uptick in BEC attacks targeting K-12 school teachers. This time, the operators behind the BEC attacks are impersonating teachers’ colleagues with gift-card themed emails. According to Microsoft Security Intelligence, the attackers create fake email accounts impersonating

Read More
17 Dec 2020

BEC Hits Double Digits as COVID-19 Scams Abound

According to Barracuda Networks, business email compromise attacks have surged in 2020, alongside Covid-19 related scams seeking to lure victims into surrendering passwords or money. During the period of August to October 2020, Barracuda Networks found that the total number of targeted email threats was a whopping 2.3 million. Spear

Read More
02 Dec 2020

Criminals to Favor Ransomware and BEC Over Breaches in 2021

Cyber-criminals will likely shift their focus from personal data collection to phishing and ransomware in 2021, according to the Identity Theft Resource Center (ITRC). Rather than targeting large companies and attempting to breach their networks to steal sensitive data, likely to sell on dark web forums, threat actors will increasingly

Read More
02 Dec 2020

FBI warns of email forwarding rules being abused in recent hacks

The US FBI released a Private Industry Notification (PIN) last week claiming that cybercriminals are exploiting email forwarding rules to maintain anonymity and hide their presence on hacked email accounts. The PIN was made public yesterday and contains valuable information about how the technique is being actively used in recent

Read More
30 Nov 2020

Three Nigerians Arrested for Cybercrime Operation Targeting 150 Countries

In Lagos, Nigeria, three Nigerian nationals were arrested for their involvement in a widespread Business Email Compromise (BEC) campaign. The three men were also allegedly involved with a large organized crime group known as TMT, which is known to be involved in cybercrime such as phishing attacks, malware distribution, and

Read More
01 Sep 2020

BEC Wire Transfer Losses Soar 48% in Q2 2020

According to security vendor Agari, Business Email Compromise attacks that lead to wire transfer losses have increased dramatically from the previous quarter. BEC wire transfer losses soared by over 48% from Q1 2020, resulting in an average of more than $80,000. These conclusions were highlighted in the Anti-Phishing Working Group’s

Read More
08 Jul 2020

First reported Russian BEC scam gang targets Fortune 500 firms

According to researchers at email prevention company Agari, a new group of threat actors believed to be from Russia has elevated Business Email Compromise scams to a new level. Whereas most BEC attacks are from Nigerian actors who target companies of any size, this new Russian group named Cosmic Lynx

Read More
16 Apr 2020

PPE, COVID-19 Medical Supplies Targeted by BEC Scams

The FBI has confirmed that agencies aiming to but items like ventilators have unknowingly been conned into a BEC scam in which they transfer funds to threat actors rather than legitimate organizations. There has been a shortage of personal protective equipment (PPE) in American hospitals across the country, and the

Read More
07 Apr 2020

FBI warns again of BEC scammers exploiting cloud email services

The FBI issued a warning to the public yesterday, stating that its Internet Crime Complaint Center (IC3) has received numerous reports of cybercriminals abusing could based email services in Business Email Compromise (BEC) attacks. This marks the second time within the past month that the FBI has warned of BEC

Read More