Business Email Compromise (BEC)

How the FBI Fights Back Against Worldwide Cyberattacks

Posted on September 19, 2023 by Mike Elgan

In the worldwide battle against malicious cyberattacks, there is no organization more central to the fight than the Federal Bureau of Investigation (FBI). And recent years have proven that the bureau still has some surprises up its sleeve. In early May, the U.S. Department of Justice announced the conclusion of a U.S. government operation called […]

The post How the FBI Fights Back Against Worldwide Cyberattacks appeared first on Security Intelligence.

Continue reading How the FBI Fights Back Against Worldwide Cyberattacks→

Researchers unpack massive email scam targeting dozens of companies

Posted on June 13, 2023 by AJ Vicens

The campaign is the latest case of business email compromise, which costs victims billions of dollars annually.

The post Researchers unpack massive email scam targeting dozens of companies appeared first on CyberScoop.

Continue reading Researchers unpack massive email scam targeting dozens of companies→

Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing?

Posted on August 5, 2022 by Mark Stone

For threat actors, phishing embodies the holy trinity of goals: easy, effective and profitable. It’s no wonder that the 2022 X-Force Threat Intelligence Index reports that phishing was the top method used by attackers to breach an organization. Of all the attacks that X-Force remediated in 2021, attackers used phishing in 41% of them. Because […]

The post Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing? appeared first on Security Intelligence.

Continue reading Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing?→

INTERPOL hauls in alleged Nigerian cybercrime ringleader

Posted on May 25, 2022 by Tonya Riley

The group is believed to have hit more than 50,000 victims.

The post INTERPOL hauls in alleged Nigerian cybercrime ringleader appeared first on CyberScoop.

Continue reading INTERPOL hauls in alleged Nigerian cybercrime ringleader→

FBI arrests 65 in BEC scams that took $51 million from U.S. businesses

Posted on March 30, 2022 by Tonya Riley

“Operation Eagle Sweep” is the latest crackdown on business email compromise (BEC) scams by international law enforcement.

The post FBI arrests 65 in BEC scams that took $51 million from U.S. businesses appeared first on CyberScoop.

Continue reading FBI arrests 65 in BEC scams that took $51 million from U.S. businesses→

FBI: Cybercrime reports saw ‘unprecedented’ rise last year, costing nearly $7B

Posted on March 23, 2022 by Tim Starks

Business email compromise again proved costliest, at $2.4 billion, according to the bureau’s Internet Crime Complaint Center

The post FBI: Cybercrime reports saw ‘unprecedented’ rise last year, costing nearly $7B appeared first on CyberScoop.

Continue reading FBI: Cybercrime reports saw ‘unprecedented’ rise last year, costing nearly $7B→

Years of hacks against aviation, transportation industries are tied to one group, researchers say

Posted on February 15, 2022 by AJ Vicens

Analysts have noticed various attempts in recent years by hackers trying to breach entities in the aviation and aerospace industries, as well as related transportation fields. The operators typically use of off-the-shelf malware and deploy digital lures that refer to industry-specific topics like airline cargo conferences or machine parts. It now appears that most of those incidents were by the same group, according to cybersecurity firm Proofpoint. Dubbing the group “TA2541,” Proofpoint says the trail of evidence goes back to at least 2017, and the hackers remain a “consistent, active cybercrime threat.” Hundreds of different organizations have been targeted globally, with an emphasis on North America, Europe and the Middle East, the researchers say. Crime seems to be the main goal, says Sherrod DeGrippo, vice president of threat research and detection at Proofpoint, given TA2541’s targeting, its victims, its use of commodity malware and its high message volume. Campaigns ranging […]

The post Years of hacks against aviation, transportation industries are tied to one group, researchers say appeared first on CyberScoop.

Continue reading Years of hacks against aviation, transportation industries are tied to one group, researchers say→

Interpol arrests 11 alleged members of Nigerian scam syndicate ‘SilverTerrier’

Posted on January 19, 2022 by AJ Vicens

International law enforcement authorities say they’ve arrested nearly a dozen members of a notorious Nigerian cybercrime gang potentially responsible for targeting as many as 50,000 victims in various scams in recent years. Some of the 11 suspects are thought to be associated with “SilverTerrier,” a syndicate accused of employing a range of malware variants in tens of thousands of financial scams dating back to at least 2014, Interpol said Wednesday. The announcement comes two months after three members of the same group were arrested after a year-long Interpol-led investigation called Operation Falcon into the prolific business email compromise (BEC) scams the group’s members are alleged to have pulled off over the years. Authorities called this latest roundup Operation Falcon II. The arrests occurred between Dec. 13 and 22, but it’s not clear exactly where. A statement from a senior Nigerian law enforcement official and included in the Interpol release referenced […]

The post Interpol arrests 11 alleged members of Nigerian scam syndicate ‘SilverTerrier’ appeared first on CyberScoop.

Continue reading Interpol arrests 11 alleged members of Nigerian scam syndicate ‘SilverTerrier’→

Advertisers are sucking up student data, even after legal action, researchers say

Posted on December 20, 2021 by Tonya Riley

Hundreds of advertisers are collecting valuable student data from a service that allows schools to add sports data to their informational app for students, researchers at the Me2Be Alliance found. The new findings build on previous research from the nonprofit that found the majority of sampled school apps were sharing data with advertising software kits. This time researchers examined web traffic originating from links embedded directly into the customized school apps using a utility called WebView. “These are taxpayer-funded school utility apps that have integrated some of the most aggressive advertising chains you can think of,” said Zach Edwards, one of the report’s researchers. The WebView software gives developers a way to allow users to open links within an app, instead of a separate web browser. The process makes it easier for developers to include content in their apps but harder for users to control privacy settings. WebView itself doesn’t expose […]

The post Advertisers are sucking up student data, even after legal action, researchers say appeared first on CyberScoop.

Continue reading Advertisers are sucking up student data, even after legal action, researchers say→