Business Email Compromise (BEC) Attacks Surpass Ransomware as Major Cyber Threat
The post Business Email Compromise (BEC) Attacks Surpass Ransomware as Major Cyber Threat appeared on BitcoinEthereumNews.com.
In recent years, the cyber threat landscape has witnessed a significant shift, with Business Email Compromise (BEC) attacks gaining prominence over ransomware. According to Cloudflare’s 2023 Phishing Threats Report, BEC-related financial losses saw a worrisome surge of 17% between December 2021 and 2022. This surge underscores the increasing preference of cyber adversaries for BEC as their attack method of choice. The growing threat of BEC BEC is a form of phishing that involves attackers impersonating entities such as a company’s CEO, vendors, or customers to manipulate victims into transferring funds to fraudulent accounts. While BEC has been around for years, recent technological advancements, including artificial intelligence (AI), have made these attacks more convincing and sophisticated. One concerning development in BEC attacks is the emergence of voice deepfakes, enabling attackers to mimic trusted figures like CEOs. Generative AI systems like ChatGPT have become readily accessible, further fueling the evolution of BEC attacks. BEC attacks typically involve adversaries altering payment details or initiating unauthorized transactions, tricking victims into transferring money to the attackers’ accounts. Del Heppenstall, Partner and Head of Cyber at KPMG in the UK, has reported businesses losing millions of dollars to these attacks. One example cited by Adam Pilton, Senior Cybersecurity Consultant at CyberSmart, highlights how BEC attacks can be deceptively simple. A small manufacturing business received an invoice that appeared identical to past invoices but with altered bank account details. The recipient unknowingly transferred funds to a criminal impersonating the supplier. BEC attacks often exploit individuals in financial roles, making them particularly challenging to detect. Joe Stewart, Principal Security Researcher with eSentire’s Threat Response Unit, notes that BEC relies on subtle email manipulations rather than mass phishing campaigns, making detection more complex. Efficiency of BEC attacks What sets BEC apart from other cyber threats, such as ransomware, is…
Filed under: News - @ October 10, 2023 7:14 pm