Category Archives: Business Email Compromise

‘London Blue’ cybercriminals turn to large-scale email scam

Posted on by

Email users the world over are familiar with the “Nigeria prince” scam in which someone posing as a foreign dignitary requests a money transfer. While this ruse may not fool many, it has grown more clever and industrialized in recent years – to the point of threatening big businesses. A prime example is London Blue, a network of cybercriminals exposed by new research from email-security firm Agari. The group has laid the groundwork for large-scale business email compromise (BEC) attacks by compiling a list of more than 50,000 corporate officials, including dozens of executives from the world’s biggest banks, according to Agari.  Over half of the 50,000 targets were in in the United States. “The pure scale of the group’s target repository is evidence that BEC attacks are a threat to all businesses, regardless of size or location,” Agari researchers wrote. BEC attacks use personalized emails, sent using spoofed email-name […]

The post ‘London Blue’ cybercriminals turn to large-scale email scam appeared first on Cyberscoop.

Continue reading ‘London Blue’ cybercriminals turn to large-scale email scam

Smashing Security #106: Google Maps, Fed phishing, and Grinch bots

Posted on by

How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas?
All this and much more is discussed in the latest edition of the award-winning … Continue reading Smashing Security #106: Google Maps, Fed phishing, and Grinch bots

School district fails to reclaim $120,000 wired by bank to scammer

Posted on by

A school district in Indiana which had $120,000 transferred from its bank account after its email account was hacked, has failed in an attempt to reclaim the cash.
Read more in my article on the Hot for Security blog.
Continue reading School district fails to reclaim $120,000 wired by bank to scammer

Smashing Security #104: The world’s most evil phishing test, and cyborgs in the workplace

Posted on by

Does your employer want to turn you into a cyborg? Was this phishing test devised by an evil genius? And how did a cinema chain get scammed out of millions, time and time again…?
All this and much more is discussed in the latest edition of the award-wi… Continue reading Smashing Security #104: The world’s most evil phishing test, and cyborgs in the workplace

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Posted on by

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment. Combating such a multifarious menace can seem daunting, but in truth it calls for concerted efforts to tackle the problem from many different angles. This post examines the work of a large, private group of volunteers dedicated to doing just that. Continue reading How Do You Fight a $12B Fraud Problem? One Scammer at a Time

10/15/18: Dtex, Privacy, Insider Threat News: 35 Million Voter Records For Sale on Dark Web Courtesy of Insiders; DHS Vulnerable to Insider Attacks

Posted on by

Threat intelligence provider Anomali opened the week in privacy and security news by announcing that it had discovered as many as 35 million voter records for sale on the dark web. The voter information found came from 19 states and contains PII and vo… Continue reading 10/15/18: Dtex, Privacy, Insider Threat News: 35 Million Voter Records For Sale on Dark Web Courtesy of Insiders; DHS Vulnerable to Insider Attacks