Cyber security news for all


    The FBI warns corporate users of BEC attacks

    Since the beginning of the year there have been increasing phishing attacks on Business Email Compromises. Invitations are systematically seen to manage the user data. Fraudsters use controlled phishing kits for this, which can be obtained cheaply on the internet. Even though they only made up a small proportion of the various attack vectors, the financial damage for companies and institutions is getting worse.

    Private Sector Partners Should Pay Attention

    The Federal Bureau of Investigation warned private sector partners for administration, as part of the Business Email Compromise (BEC).The scams are initiated by managing the kits, the cloud enabled email services are being modified to compromise business email accounts and request or misdirect money transfers, according to the FBI in a private industry notification. The fraudsters mimick employees of injured organizations or their affiliates and attempt to redirect payments to the bank accounts they control. The messages do not contain malicious links or attachments, but the attackers attempt to deceive the email client, causing the recipient to view the email as legitimate. Social engineering plays the main role here. They also steal partner information that they can later use for other phishing attacks that will attract risk and more businesses. The highly targeted BEC attacks are extremely difficult to detect because they rarely contain a URL or a malicious attachment.

    – 85 percent of the BEC attacks take place on weekdays and would normally be dispatched during the normal business hours of the targeted company. The attackers wanted to use it to simulate typical business processes in order to make them appear as unsuspicious as possible.

    – The average BEC attack targets no more than five employees.

    –  Many of the BEC exploits are disguised as urgent requests, which supposedly required a quick response.

    Recent Articles

    Russian Cybercriminal Behind “Cardplanet” Site Sentenced

    According to the United States Department of Justice, a Russian cybercriminal, Aleksey Burkov, 30—who operated Cardplanet site: a site that trafficked stolen card details—has...

    Hackers Used Malicious Docker Images to Mine Monero

    Researchers found malicious images on Docker Hub used for crypto mining. Palo Alto Networks' Unit  42, unraveled a crypto mining scheme which uses malicious Docker...

    NSA outlines requirements for secure collaboration services for US government telework

    The new National Security Agency (NSA) guidelines are a window of security for users. Everyone has been trying to return to their lives since...

    Cybercriminals threaten to sell off “scandalous” files swiped from Mariah Carey, Nicki Minaj, Puff Daddy’s legal eagles

    There's no escaping these cybercriminals. In a recent case of "cyber-extortion," threat actors known as REvil, are threatening to expose celebrity "dirt." These threat actors...

    Twitter apologises for exposed customers data

    In what is described as a "data security incident," sensitive details of Twitter's customers were exposed. Unlike other cases of a breach which are...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox