Filling the Most Common Gaps in Google Workspace Security

Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams inherit a tech stack optimized for breakneck growth, not resilience. In these environments, the security team is the helpdesk, the compliance expert, and the incide...

The massive computer outage over the weekend was not a cyber attack, and I’m not sure why we have to keep saying that

Youre not going to believe this, but there was a lot of misinformation on social media over the weekend after the massive CrowdStrike/Microsoft outage. As airlines cancelled flights, hospitals had to reschedule patients and some companies just flat-out couldnt work on Friday, people were quick to...

Talos IR trends: BEC attacks surge, while weaknesses in MFA persist

Business email compromise BEC was the top threat observed by Cisco Talos Incident Response Talos IR in the first quarter of 2024, accounting for nearly half of engagements, which is more than double what was observed in the previous quarter. The most observed means of gaining initial access was t...

W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts

A previously undocumented "phishing empire" has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. "The threat actor created a hidden underground market, named W3LL Store, that served a closed community of at least 500 threat actors w...

Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants

Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle AitM phishing and business email compromise BEC attack, Microsoft has revealed. "The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and...

Interpol Arrests Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks

A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force. "The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and business email compromise...

Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang

A coordinated law enforcement operation has resulted in the arrest of 11 members allegedly belonging to a Nigerian cybercrime gang notorious for perpetrating business email compromise BEC attacks targeting more than 50,000 victims in recent years. The disruption of the BEC network is the result o...

Romance, BEC Scams Lands Soldier in Jail for 46 Months

A former Army reservist was just sentenced to 46 months in prison and ordered to pay nearly $2 million in penalties and restitution, after pleading guilty to scamming dozens of people online, including the elderly and a veteran’s organization for Marines. Joseph Iorhemba Asan Jr. along with his...

BEC Scammers Seek Native English Speakers on Underground

Looking for work? Speak fluent English? Capable of convincingly portraying a professional – as in, somebody a highly ranked corporate leader would talk to? If you lack scruples and disregard those pesky things called “laws,” it could be your lucky day: Cybercrooks are putting up help-wanted ads,...

Best Practices to Thwart Business Email Compromise (BEC) Attacks

Business email compromise BEC refers to all types of email attacks that do not have payloads. Although there are numerous types, there are essentially two main mechanisms through which attackers penetrate organizations utilizing BEC techniques, spoofing and account take-over attacks. In a recent...

BEC Losses Top $1.8B as Tactics Evolve

Business email compromise BEC attacks ramped up significantly in 2020, with more than $1.8 billion stolen from organizations with these types of attacks last year alone — and things are getting worse. BEC attacks are carried out by cybercriminals either impersonating someone inside an organizatio...

Doxing in the corporate sector

Introduction Doxing refers to the collection of confidential information about a person without their consent for the purpose of inflicting harm on that person or to otherwise gain some benefit from gathering or disclosing such information. Normally, doxing involves a threat to specific people,...

Office 365 Phishing Attack Targets Financial Execs

A new phishing scam is on the rise, targeting executives in the insurance and financial services industries to harvest their Microsoft 365 credentials and launch business email compromise BEC attacks, according to a new report from Area 1 Security. These new, sophisticated attacks are aimed at...

How Email Attacks are Evolving in 2021

Hundreds of thousands of dollars lost. Financial and emotional ruin. And in some cases, suicide. These are some of the outcomes business email compromise BEC attacks have on victims, said Ronnie Tokazowski, senior threat researcher with Agari. These type of attacks don’t garner the same attention...

Microsoft 365 Becomes Haven for BEC Innovation

Two fresh business email compromise BEC tactics have emerged onto the phishing scene, involving the manipulation of Microsoft 365 automated email responses in order to evade email security filters. In one case, scammers are targeting victims by redirecting legitimate out-of-office OOO replies fro...

Lookalike domains and how to outfox them

Our colleagues already delved into how cybercriminals attack companies through compromised email addresses of employees, and how to protect against such attacks using SPF, DKIM and DMARC technologies. But despite the obvious pluses of these solutions, there is a way to bypass them that we want to...

BEC Wire Transfers Average $80K Per Attack

The average wire-transfer loss from business email compromise BEC attacks is significantly on the rise: In the second quarter of 2020 the average was $80,183, up from $54,000 in the first quarter. That’s according to the recently released Anti-Phishing Working Group APWG’s Phishing Activity Trend...

Understanding the Payload-Less Email Attacks Evading Your Security Team

The traditional image of a successful email attack is that of a naive employee clicking the link in a crudely crafted spam email bent on phishing. But times have changed, and employees are much more security-educated than they used to be. So, today’s threat actors are creating increasingly...

BEC Gang Exploits G Suite, Long Domain Names in Cyberattacks

Business email compromise BEC attacks continue to be a thorn in companies’ sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019. Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitaliz...

Cybergang Favors G Suite and Physical Checks For BEC Attacks

Researchers have uncovered a new business email compromise BEC threat actor, which they call Exaggerated Lion, targeting thousands of U.S. companies with money pilfering scams. The cybercrime ring is unique in its leveraging of Google’s cloud-based productivity suite, G Suite, and for its use of...