Tag: business email compromise
Copyright infringement scam goes global
Since July of this year, cybersecurity firm Check Point has been tracking an ingenious form of online fraud that is rapidly spreading across the US, Europe, East Asia and South America. The attackers impersonate dozens of legitimate companies, claiming the victim’s organization has infringed their copyright. Weaponized emails, which appear to come from the legal representatives of the impersonated companies, accuse the recipient of misusing their brand on the target’s social media page and requesting the removal of specific images and videos. The phishing emails are typically sent from Gmail accounts and prompt recipients to download an archive file. which then installs the latest version of the Rhadamanthys infostealer stealer (version 0.7) in order to steal critical information from the victim’s organization.
Public sector phishing attacks increase fourfold
With national elections coming up later this year, US public-sector organizations are experiencing unprecedented levels of phishing attacks designed to dupe government staff into opening weaponized links in fake emails. According to email security firm Abnormal Security: “Between May 2023 and May 2024, public sector organizations experienced an astounding 360 percent growth in phishing attacks. While phishing tends to consistently increase each year and regularly accounts for the majority of advanced threats, this level of growth is extraordinary.”
AI-engineered email attacks are on the rise
Email scams aimed at business users are becoming increasingly sophisticated and increasingly tough to detect. Threat actors are now using artificial intelligence to research their targets in advance of an attack, a process known as ‘social engineering.’ Phishing attacks and email scams that appear to come from a trusted source make up 35.5% of all socially engineered threats, according to a report from cybersecurity firm Barracuda: Top Email Threats and Trends. Although these types of attacks have been around for some time, cybercriminals have recently devised ingenious new methods to avoid detection and being blocked by email-scanning technologies.
341% Rise in Advanced Phishing Attacks – May 22nd
SlashNext's report revealed a 341% increase in malicious phishing links, business email compromise (BEC), Quishing, and attachment-based threats in the past six months. "The State of Phishing 2024" report also states that malicious email and messaging threats have increased by 856% over the past 12 months, amplified by the emergence of generative AI.
High level executives targeted in ongoing attacks
Highly organized cybercriminals suspected to be based in Russia and Nigeria are targeting hundreds of executives in dozens of organizations in an ongoing Microsoft Azure cloud account takeover (ATO) campaign. According to US cybersecurity firm Proofpoint: “As part of this campaign, which is still active, threat actors target users with individualized phishing lures within shared documents.” Innocent but weaponized documents sent to key executives include embedded links to “View Document”, which automatically directs them to a malicious site. The users affected by the attacks occupy a variety of trusted positions within their organizations. Victims include chief financial officers (CFOs), finance managers, account managers, corporate vice presidents, and sales directors. Proofpoint believes that targeting this variety of executive positions is far from being a series of random phishing attacks.
Third-Party Attacks on the Rise
Criminal gangs are exploiting a new “side door” into organizations via connected third-party applications including everything from calendars to creative tools. Thwarted by the recent success of anti-phishing cybersecurity and aided by artificial intelligence (AI), criminal gangs are now compromising email accounts through third-party attacks. “Third-party applications connected to the email environment are being exploited, and organizations are making the lives of bad actors easier as they continue to connect more applications with high-risk permissions. Application overload is a common and dangerous trend,” says cybersecurity firm Abnormal Security. Abnormal Security believes that, although vulnerabilities in third-party software accounted for 13% of all breaches in 2022, costing organizations an average of US$4.55 million per incident, the problem has since worsened considerably. It quotes a recent vendor email compromise (VEC) attack that almost netted the criminals US$36 million, although most VEC attacks target less than US$150,000.
Canadian Government Employees Banned to Use Kaspersky and WeChat Apps – October 31st
SlashNext's "State of Phishing Report for 2023" report stated the 1265% phishing increase in malicious phishing emails since Q4 2022, correlating to ChatGPT's launch. It was also reported that 31,000 phishing emails were sent on a daily basis in the past year, 68% of them being text-based Business Email Compromise (BEC).
US healthcare attacks rise threefold
Following hard on the heels of the recent attack on the US Red Cross comes a report that text-based email attacks on the healthcare sector have risen almost threefold this year. Cybersecurity firm Abnormal Security reports that the healthcare industry has also seen an overall 167% increase in advanced email attacks in 2023, which includes credential phishing, malware, business email compromise (BEC), and extortion.