Estimated reading time: 1 minute, 30 seconds

Ransomware Attackers May Shift to Business Email Compromise  

As law enforcement agencies around the world crack down on ransomware, it would make sense for ransomware attackers to turn their efforts to business email compromise, cybersecurity researcher Crane Hassold has warned. So reports Wired.

ransomware 3998798 640 smallBusiness email compromise is where attackers gain access to a business email account and attempt to trick people into wiring money to criminals. The FBI has found that the amount stolen in BEC scams towers over the amount stolen in ransomware attacks, though the latter are more prominent and disruptive.

Hassold, director of threat intelligence at Abnormal Security and a former digital behavior analyst for the FBI, presented his findings on June 6 at the RSA Conference in San Francisco. As ransomware becomes riskier or less profitable, sophisticated scammers may start to tap the lucrative BEC space, he told Wired.

Hassold noted that he had seen signs that ransomware actors are, at the very least, learning about BEC. “It’s possible that these two threats on opposite sides of the cybercrime spectrum will converge in the future—and we need to be ready for that,” Hassold said.

According to a recent FBI report, BEC scams cost victims nearly $2.4 billion in 2021.

“​​The scheme has evolved from simple hacking or spoofing of business and personal email accounts and a request to send wire payments to fraudulent bank accounts,” the report says. “Now, fraudsters are using virtual meeting platforms to hack emails and spoof business leaders’ credentials to initiate the fraudulent wire transfers. These fraudulent wire transfers are often immediately transferred to cryptocurrency wallets and quickly dispersed, making recovery efforts more difficult.”

A $1.4 million theft from the city of Portland, Ore., appears to be a recent example of a BEC scam, as StateScoop notes.

As BankInfoSecurity reports, police in Nigeria recently arrested a 37-year-old man, charged with spearheading major BEC campaigns.

Read 129 times
Rate this item
(0 votes)

Visit other PMG Sites:

PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.