Attackers Keep Refining Business Email Compromise Schemes

Databreach Today -

Business Email Compromise (BEC) , Cybercrime , Cybercrime as-a-service

Tactics Include Subverting Advertising Redirect Services, Hiring English Speakers Mathew J. Schwartz (euroinfosec) • September 1, 2021     A recent phishing email, as displayed to a recipient, uses a modified redirect service URL – appended here to bottom of image – leading to a fake Office 365 login page designed to steal their credentials. (Source: 7 Elements)

Why reinvent the wheel? Business email compromise attacks, aka CEO fraud, continue to be one of the most dominant types of online-enabled crime because such scams remain highly lucrative.

See Also: Rapid Digitization and Risk: A Roundtable Preview

For criminals, the lure of BEC attacks is obvious: When they succeed, attackers will have tricked an individual, preferably inside a larger business, into transferring money directly into an attacker-controlled account. Successful attacks can see criminals walking away with

Read More.....