5 Business Email Compromise Attack Examples We Can Learn From

 

Business email compromise (BEC) is a type of phishing scheme where the cyber attacker impersonates a high-level executive (CIO, CEO, CFO, etc.) and attempts to get an employee or customer to transfer money and/or sensitive data.

BEC is essentially an attack where the cyber attacker accesses corporate email accounts and spoofs the owner’s identity. From there, emails are then sent to employees and customers of the company in an effort to steal money and other assets.

Here are five examples of BEC scams in the wild.

Xoom Corporation is an international money transfer organization based in California.

Xoom reported an incident where spoofed emails were sent to the company’s finance department. This resulted in the transfer of $30.8 million in corporate cash to fraudulent overseas accounts.

The CFO resigned, and the company’s audit committee authorized an independent investigation by outside advisors. The company has implemented additional internal procedures, and federal law enforcement authorities are actively pursuing a multi-agency criminal investigation. Because of this. the company stock dipped by a jaw dropping 14%, or approximately $31 million.

Scoular Corporation is an Omaha-based commodities trading firm.

The company reported an incident involving a spearphishing, wire fraud scam. Initially, company employees received a fake email claiming to be from the CEO. It was in reference to the acquisition of a business based in China, asking to wire parts of the declared amount. The email stated, “We need the company to be funded properly and to show sufficient strength to the Chinese. Keith, I will not forget your professionalism in this deal, and I will show you my appreciation very shortly.”

Since it was apparent the email was supposedly coming from the CEO, the employee in question did not doubt the orders and transferred the money over. Though this (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Sayaala. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/ALez8O6mn_k/