Databreach Today -
Business Email Compromise (BEC) , Cybercrime , Cybercrime as-a-service
Tactics Include Subverting Advertising Redirect Services, Hiring English Speakers Mathew J. Schwartz (euroinfosec) • September 1, 2021 A recent phishing email, as displayed to a recipient, uses a modified redirect service URL – appended here to bottom of image – leading to a fake Office 365 login page designed to steal their credentials. (Source: 7 Elements)
Why reinvent the wheel? Business email compromise attacks, aka CEO fraud, continue to be one of the most dominant types of online-enabled crime because such scams remain highly lucrative.
See Also: Rapid Digitization and Risk: A Roundtable Preview
For criminals, the lure of BEC attacks is obvious: When they succeed, attackers will have tricked an individual, preferably inside a larger business, into transferring money directly into an attacker-controlled account. Successful attacks can see criminals walking away with