Increase in 'CEO Fraud' attacks highlights risks to corporate environments

Billion-dollar financial losses faced by organisations in past years According to a research from Mimecast, the number of BEC (Business Email Compromise) attacks has grown1 about 55% in 2015 in comparison with the previous year. This threat is one kind of social engineering attack more focused on corporate environments, which is also known as CEO Fraud and Whaling attack. Some alerts were given months before, for instance the FBI’s PSA2 (Public Service Announcement) published last August warning about the steady increase in BEC attacks since early 2015. According to this announcement, between October 2013 and August 2015 several organisations from United States and other 79 countries would have experienced financial losses of around 1.2 billion dollars resulting from such kind of cyber threat. These numbers include statistics provided by US and other countries’ law enforcement agencies. At least another alert was given even earlier – a story published by Deloitte in February 2015 that warned about the rise in 'Fake President'3 fraud attacks. Besides the warning, this article described a few steps commonly used in a typical BEC attack scenario: ... (leia a matéria completa)



1 Mimecast Warns of Heightened Whaling Threat. Mimecast. 23 December 2015. [ voltar ]

2 Business Email Compromise. FBI’s Internet Crime Complaint Center. 27 August 2015. [ voltar ]

3 Fraud warning: increase in “Fake President” frauds. Deloitte. 6 February 2015. [ voltar ]

2016-07-13 15:24:12
Por João Paulo Campello 0 comentários

[Tempest Talks] Palestra Beyond penetration testing

2016-07-12 20:15:52
Por Maria Carolina 0 comentários

[Tempest Talks] Palestra Panorama Blockchain/Bitcoin

2016-07-04 18:37:59
Por Maria Carolina 0 comentários

[Tempest Talks] Ameaças em redes wi-fi corporativas

2016-06-30 02:08:58
Por Maria Carolina 0 comentários

[Tempest Talks] Grau de similaridade em análise de logs

2016-06-29 01:46:05
Por Maria Carolina 0 comentários

[Tempest Talks] Confira a cobertura completa do evento da Tempest

2016-06-21 21:34:35
Por Maria Carolina 0 comentários

Malware reacende debate sobre ataques contra ambientes air-gapped

2016-05-25 18:37:06
Por Carlos Cabral 0 comentários

Ransomware recent developments and threats

2016-05-20 03:04:59
Por João Paulo Campello 0 comentários

Malvertising — recent developments on tactics and techniques

2016-05-10 22:30:06
Por João Paulo Campello 0 comentários

New malvertising attacks via anti Ad-Blocking providers

2016-04-20 13:47:05
Por João Paulo Campello 0 comentários

Compromising mobiles, hardware and firmware - The new frontier for surveillance

2016-03-24 00:02:54
Por João Paulo Campello 0 comentários

Inspeckage - Android Package Inspector

2016-03-01 03:32:05
Por Antônio Martins 0 comentários

Veja como foi o Tempest Talks São Paulo

2015-10-16 20:15:16
Por Gustavo Monteiro 0 comentários

Tempest Security Intelligence adquire a empresa El Pescador

2015-10-05 17:12:16
Por Gustavo Monteiro 1 comentário

Os 5 tipos de ataques web mais comuns

2015-09-09 13:14:44
Por Gustavo Monteiro 0 comentários

Veja quais são os três pilares básicos das práticas de segurança no SDLC

2015-08-18 18:58:08
Por Gustavo Monteiro 0 comentários

Black Friday representa chance para o fraudador

2015-08-05 13:54:58
Por Gustavo Monteiro 0 comentários

Fim do ciclo de vida do Windows Server 2003

2015-06-29 17:21:50
Por Diego Buarque 0 comentários

Duqu2.0 ressurge

2015-06-11 18:23:39
Por Diego Buarque 0 comentários

Panorama dos ataques identificados pela Tempest

2015-06-11 16:24:03
Por Gustavo Monteiro 0 comentários

Tempest Talks! :)

2015-06-11 14:14:25
Por Gustavo Monteiro 0 comentários

Tempest e a Casa Rex encaram de Londres o mercado global

2015-05-25 17:15:27
Por Gustavo Monteiro 0 comentários

MS15-051 - Win32k Elevation of Privilege Vulnerability - CVE-2015-1701

2015-05-19 12:37:24
Por Diego Buarque 0 comentários

Certificate Pinning Bypass - Android SSL Unpinning

2015-04-09 14:53:02
Por Antônio Martins 0 comentários

Threat-Based Defence as a New Approach to Cyber Security

2015-03-12 11:51:06
Por Gustavo Monteiro 0 comentários