CYBER NEWS

Money Stolen via BEC Scams Funneled to Banks in China and Hong Kong

The Continuous Growth of BEC Scams Demonstrated in the Latest FBI Report

BEC (Business Email Compromise) scams have grown at the astonishing rate of 2,370 percent in the last couple of years, as reported by the FBI.

The latest FBI statistics reveal that “most victims report using wire transfers as a common method of transferring funds for business purposes; however, some victims report using checks as a common method of payment”. The stats are based on data from 50 states in the U.S. and 131 other countries. Most of the stolen money has been funneled to banks in China and Hong Kong.

BEC scams are no longer only about scamming executives into transferring money into mule accounts. BEC scams now involve requests for personal information and tax forms such as W-2s for employees.

In the United States alone, between June and December 2016, the FBI registered complaints amounting to $346 million in losses from 3,044 incidents. Losses outside the U.S. are even higher, at $448 million in the same time frame.

The victims of the BEC/EAC scam range from small businesses to large corporations. The victims continue to deal in a wide variety of goods and services, indicating that no specific sector is targeted more than another. It is largely unknown how victims are selected; however, the subjects monitor and study their selected victims using social engineering techniques prior to initiating the BEC scam.


BEC Scam Prevention

In general, security solutions search for malicious documents or known blacklisted URLs to determine whether an email is suspicious. BEC scam emails, however, often lack any signs that would give away malicious intentions. BEC scams mostly rely on social engineering and exploit employees’ weaknesses, and are highly targeted. However, the fact that BEC and phishing share some similarities gives users (and employees) the chance to monitor for particular signs in the contents of such emails, as pointed out by Proofpoint researchers:

  • High-level executives asking for unusual information;
  • Requests to not communicate with others;
  • Requests that bypass normal channels;
  • Language issues and unusual date formats;
  • “Reply To” addresses that do not match sender addresses;

In addition to educating their employees (CEOs included!), companies should look into email protection services and apps.
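Three of the signs listed above (mismatched “Reply To” addresses, requests not to communicate with others, requests that bypass normal channels) can be checked mechanically. The following is an added example, not code from the article or from Proofpoint: it compares header domains rather than full addresses, and the phrase patterns, function names and sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Hypothetical phrase patterns (assumptions; tune them on your own mail).
PHRASES = {
    "secrecy-request": re.compile(r"\b(keep this (confidential|between us)|do not (discuss|tell|mention))\b", re.I),
    "bypass-normal-channels": re.compile(r"\b(skip the usual (process|approval)|outside (the )?normal channels|reply to my personal)\b", re.I),
}


def _domains(msg, header):
    """Lower-cased domains of every address in a header (empty set if absent)."""
    pairs = getaddresses(msg.get_all(header, []))
    return {addr.rsplit("@", 1)[1].lower() for _, addr in pairs if "@" in addr}


def bec_signs(raw):
    """Return the sorted warning signs in one raw message (plain-text body only)."""
    msg = message_from_string(raw)
    signs = set()
    sender, reply = _domains(msg, "From"), _domains(msg, "Reply-To")
    # A missing Reply-To is normal; flag only a Reply-To domain absent from From.
    if reply and not reply <= sender:
        signs.add("reply-to-mismatch")
    body = "" if msg.is_multipart() else msg.get_payload()
    signs.update(name for name, rx in PHRASES.items() if rx.search(body))
    return sorted(signs)


# Constructed sample messages (example.com / example.net are reserved domains).
SUSPICIOUS = """\
From: "Jane Roe, CEO" <jane.roe@example.com>
Reply-To: Jane Roe <jane.roe@example.net>
To: payroll@example.com
Subject: W-2 forms

I need all employee W-2 forms today. Please keep this confidential
and reply to my personal address, I am travelling.
"""
BENIGN = """\
From: Jane Roe <jane.roe@example.com>
Subject: Q3 schedule

Payroll cut-off dates for Q3 are attached.
"""

if __name__ == "__main__":
    print(bec_signs(SUSPICIOUS), bec_signs(BENIGN))
```

A hit is a reason for a human to verify the request through a known channel, not proof of fraud: legitimate mailing lists and ticketing systems also set a different Reply-To.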

Milena Dimitrova
