A series of Business Email Compromise (BEC) campaigns that used CEO fraud schemes was seen targeting 17 healthcare institutions in the US, ten in the UK, and eight in Canada over the past two weeks. These institutions range from general hospitals and teaching hospitals to specialty care and walk-in clinics. Even pharmaceutical companies were not safe from the BEC scams, as one UK-based company and two Canadian pharma companies were also targeted.Read More
Threat Research Manager
There’s a reason why the FBI estimates that the average loss caused by Business Email Compromise (BEC) to be $130,000 per company. Employees are not familiar with current social engineering strategies, and the network setup is not equipped enough to keep the threat from getting in the network. And this same situation is clearly depicted in an ongoing BEC campaign targeting companies in the US, Middle East, and Asia.
The attack, which has been traced back to Lagos and Kuala Lumpur, targets companies from several industries such as real estate, manufacturing, and construction.Read More
In May 2014, an accountant to a Texas manufacturing firm received an email from a familiar correspondent, his company’s CEO. The email instructed him to wait for a call from a partner company and warned against sharing the email to anyone else for fear of regulation backlash. The company ended up losing US$ 480,000 to wire fraudsters who used the potent and very costly business email compromise (BEC) scam or CEO fraud. The firm is now suing its cyber insurer for not covering the loss.Read More
DRIDEX is steadily regaining its footing in the US just over a month after its takedown orchestrated by US and UK law enforcement agencies. Taking down servers is a significant step in crippling botnets, but unless all infrastructure are destroyed and all threat actors are caught, threats like DRIDEX are bound to resurface. As such, it…Read More