Security News > 2020 > June > How Business Email Compromise attacks pose a threat to organizations
BEC campaigns represent a relatively small percentage of all email attacks yet pose the greatest financial risk, says Abnormal Security.
One less common but potentially more dangerous attack type is the Business Email Compromise.
BEC attacks that impersonate executives dropped 37% from the last quarter of 2019 to the first quarter of 2020 at the same time that attacks using financial employees rose by 87%. Cybercriminals have also shifted somewhat the scope of their targets from individuals to groups.
On the flip side, attacks using invoice fraud soared, with attackers impersonating vendors, suppliers, or customers.
"Reducing their attacks against the C-suite demonstrates they see who is controlling the purse strings for an organization. By setting themselves up in the email servers and monitoring email traffic, the cybercriminals can see the communications back and forth regarding decision making for the finances and then target the comptroller or their team to get them to redirect funds."
News URL
Related news
- Threat actors are stepping up their tactics to bypass email protections (source)
- AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds (source)
- Why AI alone can’t protect you from sophisticated email threats (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)