Increase in 'CEO Fraud' attacks highlights risks to corporate environments

Billion-dollar financial losses faced by organisations in past years According to a research from Mimecast, the number of BEC (Business Email Compromise) attacks has grown1 about 55% in 2015 in comparison with the previous year. This threat is one kind of social engineering attack more focused on corporate environments, which is also known as CEO Fraud and Whaling attack. Some alerts were given months before, for instance the FBI’s PSA2 (Public Service Announcement) published last August warning about the steady increase in BEC attacks since early 2015. According to this announcement, between October 2013 and August 2015 several organisations from United States and other 79 countries would have experienced financial losses of around 1.2 billion dollars resulting from such kind of cyber threat. These numbers include statistics provided by US and other countries’ law enforcement agencies. At least another alert was given even earlier – a story published by Deloitte in February 2015 that warned about the rise in 'Fake President'3 fraud attacks. Besides the warning, this article described a few steps commonly used in a typical BEC attack scenario: ... (leia a matéria completa)

1 Mimecast Warns of Heightened Whaling Threat. Mimecast. 23 December 2015. [ voltar ]

2 Business Email Compromise. FBI’s Internet Crime Complaint Center. 27 August 2015. [ voltar ]

3 Fraud warning: increase in “Fake President” frauds. Deloitte. 6 February 2015. [ voltar ]

2016-07-13 12:24:12
Por João Paulo Campello 0 comentários

Ransomware recent developments and threats

2016-05-20 00:04:59
Por João Paulo Campello 0 comentários

Malvertising — recent developments on tactics and techniques

2016-05-10 19:30:06
Por João Paulo Campello 0 comentários

New malvertising attacks via anti Ad-Blocking providers

2016-04-20 10:47:05
Por João Paulo Campello 0 comentários

Compromising mobiles, hardware and firmware - The new frontier for surveillance

2016-03-23 21:02:54
Por João Paulo Campello 0 comentários

Possível tendência para realização de ataques: 'Phishing sem websites'

2012-09-05 14:25:29
Por João Paulo Campello 2 comentários

Polycom Web Management Interface O.S. Command Injection

2012-03-05 10:50:29
Por João Paulo Campello 0 comentários

Path Traversal on Polycom Web Management Interface

2012-03-05 10:50:22
Por João Paulo Campello 3 comentários