bec (4)

10748540290?profile=RESIZE_400xAs a cyber security professional and you are asked about the biggest cybersecurity threats facing business, which one springs to mind first?  Maybe it is relentless ransomware attacks, with cyber criminals encrypting networks and demanding vast sums for a decryption key, even from hospitals.  Or maybe it is a devious malware attack, which lets hackers hide inside the network for months on end, stealing everything from usernames and passwords to bank details.  To be sure, both are on the list.  T

9318796279?profile=RESIZE_400xRed Sky Alliance has been monitoring a global phishing campaign which leverages the Ex-Robotos phishing kit to gain access to usernames and passwords of targeted victims. This specific attacker generally targets engineering organizations but has been seen targeting other industries as well. They have been sending out emails since May of 2021, though the tool has been publicly available for purchase since 1 July 20191. Phishing plays a major role in cyber-attacks and often leads to data breaches

8267325297?profile=RESIZE_400xBusiness Email Compromise or BEC attack begins with a cybercriminal hacking and spoofing emails to impersonate your company’s supervisors, CEO, or vendors.  Once in, they request a seemingly legitimate business payment. The email looks authentic, seems to come from a known authority figure, so the unsuspecting employee complies.  These fraudsters are increasingly exploiting the auto-forwarding feature in compromised email accounts to help conduct business email compromise scams, the US Federal B

3752022765?profile=RESIZE_710xRed Sky Alliance information sharing portal provided data about a member falling for a business email compromise (BEC).  Attackers sent a payment request spoofing a well-known local contractor by changing TLD from .COM to .US.  In total, 113 additional domains were registered by the same actors in August-November 2019.

Details

On 26 November 2019, a Red Sky Alliance member shared a fraud report regarding a local construction company email which was spoofed.  The attackers convinced the member’s pr