Security News

BEC attacks are usually aimed at stealing money or valuable information, but the FBI warns that BEC scammers are increasingly trying to get their hands on physical goods such as construction materials, agricultural supplies, computer technology hardware, and solar energy products. In 2022, the FBI also warned of a BEC scheme aiming to steal shipments of food products and ingredients.

According to various researchers and security firms, threat actors are already out hunting for SVB-exposed prey through both passive and active phishing scams, including similar fake domains and business email compromise attacks. Dean of Research at SANS Technology Institute, Johannes Ullrich clocked a rapid increase in the number of domain registrations containing the word "SVB" since the March 10th collapse.

"In 2022, investment scam losses were the most scheme reported to the Internet Crime Complaint Center," the FBI shared in its 2022 Internet Crime Report. 2022 Internet Crime Report: Additional findings The number of complaints received by the IC3 is a bit smaller than the year before, but the overall recorded losses are highest than ever When it comes to BEC scams, the IC3 saw a slight increase of targeting victims' investment accounts instead of the traditional banking accounts, and an increase of BEC bad actors spoofing legitimate business phone numbers to confirm fraudulent banking details with victims.

Pro-Russian scammers using social engineering and impersonation to trick prominent western commentators into conducting recorded video calls have kicked these campaigns "Into high gear" over the past 12 months, according to security researchers. Once their targets bite the email lure, and agree to follow-up hoax video calls, TA499 kicks things off with a serious question or two.

Figure C. FTC: Crypto scams posted small numbers but lucrative in aggregate. In a June 2022 note, the U.S. Federal Trade Commission said that crypto is proving a lucrative scam channel, with more than 46,000 people reportedly having lost a total of over $1 billion in crypto to scams since 2021.

Do. It. Romance scams cost victims at least $1.3 billion in 2022, according to the US Federal Trade Commission's latest numbers. The most common lie that scammers told their marks is that they, or someone close to them, is sick, hurt or in jail, according to more than 8,000 romance scams reported to the FTC that cost consumers' money.

Ahad Shams, the co-founder of Web3 metaverse gaming engine startup Webaverse, discovered in late November 2022 that someone had stolen $4 million of his cryptocurrency - during a real world interaction. What made this case different is that the scammers stole the funds from a newly created Trust Wallet account when Shams and a Webaverse colleague met in the lobby of a Rome hotel.

The victim will need to pay in that 20% themselves - indeed, they'd jolly well better pay in quickly, the scammers claim, given that the "Authorities" are now involved and looking for their share. Once you realise you've been scammed, whether the scammers pull the plug on you, or you pull the plug on them, you may "Co-incidentally" be contacted by someone who sympathises with your plight, and who knows just the thing for you to try next.

This picture comes from the Ukraine Cyber Police, who raided a fraudulent call centre just before New Year, where they say the three founders of the scam, plus 37 "Staff", were busted for allegedly operating a large-scale banking fraud. Typically, the scammers try to convince you that your bank account is under attack from fraudsters, and patiently offer to help you "Secure" your account and "Recover" lost or at-risk funds.

Chinese international students in the U.K. have been targeted by persistent Chinese-speaking scammers for over a year as part of an activity dubbed RedZei. The most notable aspect about the operation is the steps taken by the threat actors to bypass steps taken by users to prevent scam calls, using a new pay-as-you-go U.K. phone number for each wave so as to render phone number-based blocking ineffective.