Business email compromise: What can be learned from the Norfund attack

2020-06-17 06:00

The recent attack which saw Norway's state-owned investment fund, Norfund, lose an eye-watering USD 10 million was down to a simple but devastatingly effective tactic used by cybercriminals: a spoofed email address.

These attacks, known as business email compromise work because they prey on human nature, the innate psychological traits shared by everyone.

A close cousin to BEC is Email Account Compromise attacks, where the goal of the attacker isn't just to impersonate you-it's to become you.

The attacker will take over a user's email account using various tactics like password spray, phishing, and malware.

What Can Be Learned from the Norfund Attack BEC and EAC attacks are equal-opportunity scams.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/06/17/proofpoint_business_email_compromise/

#attack #compromise #email

News URL

Related news