BEC Attacks on the Rise; Organizations Lose Millions of Dollars | Cyware Alerts

Cyberattackers are actively using Business Email Compromise (BEC) as their primary attack vector to make quick bucks. According to a report by Trend Micro, BEC scams accounted for a whopping $1.7 billion exposed losses in 2019. Moreover, several BEC scams this year have claimed losses worth millions of dollars.

Making the headlines

Recently, a new BEC scam was identified by Trend Micro, targeting a number of French companies across different industries.
  • The attackers registered a domain similar to the legitimate one used by the targeted business and used it to send emails to their targets, impersonating real employees of the company.
  • In a few initial samples, the email carried an attached PDF file that pretended to be a letter from the French tax service, asking the target company for information about its customers, employees, and other financial data.

Another major BEC scam

The cybersecurity company Mitiga revealed that cybercriminals netted around $15 million by targeting at least 150 victims across the globe.
  • The campaign uses social engineering techniques, in which the attackers impersonated senior executives using Microsoft Office 365 email services.
  • The campaign targeting organizations from the law, construction, finance, and retail sectors, mostly from the U.S.

Other recent email compromise attacks

Within the past few months, several major BEC attacks have been observed.

  • In mid-August, New York-based trading firm Virtu Financial said that it had lost $6.9 million in a business email compromise scam in May.
  • A group of fraudsters named Water Nue was seen targeting business executives of over 1,000 companies across the world since March 2020.


The increasing use of BEC attacks indicates that this is turning out to be a profitable method for fraudsters. Therefore, experts recommend that organizations need to ensure that they have ample security measures to tackle BEC-related threats. Additionally, organizations are recommended to block unsolicited emails from suspected accounts and train their employees to detect targeted phishing attacks.

Source link

Recent articles

Trump and Biden supporters describe the money worries influencing their vote and the nation’s eviction crisis could make voting more difficult for some Americans

Hi there, MarketWatchers. Don’t miss these top stories:Personal FinanceCountries that will give you a...

IndiGo will continue to honour all lease payments: CFO | News

IndiGo will continue to honour all of its lease rental payments to lessors and has not been delaying any payments, the carrier’s chief...

WOW! Disney’s Working on Interactive Audio Animatronics That Have Us FLOORED!

Disney has always pushed the envelope with its robotic...

Journalist murdered in Mexico, sixth this year: governor | Mexico

49-year-old journalist and television news show host, Arturo Alba Medina, was assassinated a few minutes after the end of his programme in Chihuahua...

FINKEL and UK Grime Artist Kamakaze Release ‘Bleach Vial’ Music Video

Indie/electronic duo FINKEL (Jane and Brian Spencer) released a track with UK Grime Artist Kamakaze; the song, Bleach Vial, is a commentary...

Leave a reply

Please enter your comment!
Please enter your name here