1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Your boss isn't really emailing you - it's a scam

    From TechnologyDaily@1337:1/100 to All on Wed Oct 5 18:30:03 2022
    Your boss isn't really emailing you - it's a scam

    Date:
    Wed, 05 Oct 2022 17:07:06 +0000

    Description:
    Researchers are warning a new sophisticated business email compromise attack is targeting victims.

    FULL STORY ======================================================================

    A new and particularly sneaky business email compromise (BEC) campaign has been spotted that sees victims forwarded an email chain, seemingly coming
    from their boss, instructing them to send on funds.

    Cybersecurity researchers from Abnormal Security explained how the victim usually works in their organizations finance department, or is otherwise capable of making wire transfers.

    In the email, the attackers assume the identity of a company boss, and
    forward an earlier email thread with either a partner company, a client, or
    an organization in the supply chain, and ask the victim to make a payment to those organizations. The entire email thread, designed to give the campaign much-needed legitimacy, is obviously a scam, and the company receiving the transfer belongs to the scammers. Bypassing protection

    What makes business email compromise attacks so devastating is the fact that these emails usually dont carry viruses, malware, or malicious links, and as such usually bypass email and endpoint protection services with ease.

    "Like all BEC attacks, the reason traditional email defenses have a difficult time detecting them is because they don't contain any of the static
    indicators most defenses look out for, like malicious links or attachments, Crane Hassold, director of threat intelligence at Abnormal Security, told ZDNET .

    Most BEC attacks are nothing more than pure, text-based social engineering that traditional email defenses are not well-equipped to detect." Read more

    Business email attacks are now a multi-billion dollar industry


    Protecting your business from email compromise attacks


    Keep your devices secure with the best malware protection tools around

    Abnormal Security analyzed the attacks and believes the campaign originated
    in Turkey, from a threat actor known as Cobalt Terrapin. The campaign started in July this year.

    Although not as popular as ransomware , for example, business email
    compromise is equally devastating. In fact, last summer the FBI said BEC grew into a $43 billion industry.

    In a recent FBI report, between July 2019 and December 2021, the number of identified global losses, due to business email scams, grew by almost two-thirds (65%).

    The figures are based on incidents that have been reported to the Internet Crime Complaint Center (IC3), and mean that BEC attacks are now more
    lucrative than the likes of the global tuna industry, or the global used-clothes industry. These are the best firewalls right now

    Via: ZDNet



    ======================================================================
    Link to news story: https://www.techradar.com/news/your-boss-isnt-really-emailing-you-its-a-scam/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)