Organizations in the US have been targeted since at least 2021 in various phishing and business email compromise (BEC) campaigns spoofing government and private businesses. The attacks, attributed to a threat actor tracked as TA4903, were focused on harvesting corporate credentials to enable BEC activities such as invoice fraud or payroll redirect. As part of the observed attacks, the threat actor frequently registered new domains spoofing government entities and private organizations in secto
bec (9)
Cybercriminals have started taking advantage of Silicon Valley Bank’s (SVB) downfall to carry out scams that can steal money and bank account information or infect customers’ systems with malware. SVB was shut down on 10 March 2023 by the California Department of Financial Protection and Innovation and the Feds after the bank failed to raise capital to keep running.[1]
See: https://redskyalliance.org/xindustry/svb-bank-run-not-good
SVB customers are expected to transfer their financial oper
In cybersecurity defense, the use of automatic protection tools is half the assignment. The human element plays an increasingly important role. Scammers like to take shortcuts and know that it is easier to trick people than it is to exploit software or hardware. Any organization with a well-guarded security perimeter is an easy target, as long as its employees fall for phishing scams.
The problem reached new heights during the coronavirus pandemic. This situation led to online panic tha
The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are releasing this joint Cybersecurity Advisory (CSA) to advise the Food & Agriculture sector about recently observed incidents of criminal actors using business email compromise (BEC) to steal shipments of food products and ingredients valued at hundreds of thousands of dollars.
While BEC is most commonly used to steal money, in cas
A cruel business email compromise (BEC) gang called Lilac Wolverine is hacking people's email accounts and sending messages to their contacts, claiming the account owner needs to send a gift to an unwell friend, to manipulate people into sending online gift cards. Detailed by cybersecurity researchers, this organized cybercriminal group has fine-tuned techniques that pull on people's heartstrings.
They include false claims that the gift cards are meant for people diagnosed with serious illnesses or
As a cyber security professional, when you are asked about the biggest cybersecurity threats facing business, which one springs to mind first? Maybe it is relentless ransomware attacks, with cyber criminals encrypting networks and demanding vast sums for a decryption key, even from hospitals. Or maybe it is a devious malware attack, which lets hackers hide inside the network for months on end, stealing everything from usernames and passwords to bank details. To be sure, both are on the list. T
Red Sky Alliance has been monitoring a global phishing campaign which leverages the Ex-Robotos phishing kit to gain access to usernames and passwords of targeted victims. This specific attacker generally targets engineering organizations but has been seen targeting other industries as well. They have been sending out emails since May of 2021, though the tool has been publicly available for purchase since 1 July 2019.[1] Phishing plays a major role in cyber-attacks and often leads to data breaches
A Business Email Compromise (BEC) attack begins with a cybercriminal hacking and spoofing emails to impersonate your company’s supervisors, CEO, or vendors. Once in, they request a seemingly legitimate business payment. The email looks authentic and seems to come from a known authority figure, so the unsuspecting employee complies. These fraudsters are increasingly exploiting the auto-forwarding feature in compromised email accounts to help conduct business email compromise scams, the US Federal B
The Red Sky Alliance information sharing portal provided data about a member falling for a business email compromise (BEC). Attackers sent a payment request spoofing a well-known local contractor by changing the TLD from .COM to .US. In total, 113 additional domains were registered by the same actors in August-November 2019.
Details
On 26 November 2019, a Red Sky Alliance member shared a fraud report regarding a local construction company email which was spoofed. The attackers convinced the member’s pr