Business Email Compromise and Phishing

Invoice Fraud Strikes Amazon In $19M Scam

PYMNTS

AUGUST 24, 2020

This week's B2B Data Digest looks at the rising threat of the business email compromise (BEC) scam and invoice fraud on companies of all sizes in the U.S., 389 percent more BEC scams hit U.S. businesses between Q1 and Q2, per new Abnormal Security research revealed in its Quarterly BEC Report for Q2 2020.

Scams

Scams Business Email Compromise Ransomware Email Compromise

Why The Data Breach Decline Is Bad News For Businesses

PYMNTS

FEBRUARY 1, 2021

40 legitimate email accounts of company executives have been compromised in a phishing campaign targeting businesses , according to Gov Info Security reports. The scam involves sending a phishing email claiming to be a Microsoft Office 365 update.

Data Breach

Data Breach Breach Business Email Compromise Scams

Fraudsters Try New Spins On The BEC Scam

PYMNTS

JANUARY 27, 2020

The Business Email Compromise (BEC) continues to evolve. New analysis from Bank Info Security , for instance, revealed that BEC scammers have begun to target corporates’ financial documents from accounts receivable departments to identify unpaid invoices, as well as information regarding Days Sales Outstanding and clients.

Business Email Compromise

Business Email Compromise Scams Ransomware Real Time Payments

Webinars

A Roadmap For Modernization: How To Break Free From Your Monolith Before July 31, 2026

MORE WEBINARS

The Big Spike In ‘CEO Fraud’

PYMNTS

FEBRUARY 12, 2020

Phishing/vishing/smishing/pharming, non-payment/non-delivery, extortion and personal data breaches were among the favored attack patterns last year. As for the areas where scammers managed the biggest hits, business email compromise (BEC), confidence/romance fraud and spoofing were the top three types of crime in terms of monetary losses.

Business Email Compromise

Business Email Compromise FBI Email Compromise Scams

KnowBe4 Phishing Tool Looks To Take Down CEO Fraud

PYMNTS

DECEMBER 6, 2016

KnowBe4 , a security awareness training and simulated phishing platform provider, launched a new tool designed to help IT managers combat CEO fraud, or Business Email Compromise (BEC) as it is referred to by the FBI. The phishing tool uses simulated attacks to test users and tracks how they reply.

Phishing

Phishing Wire Transfer Email Compromise Business Email Compromise

What is Business Email Compromise (BEC)?

Nanonets

NOVEMBER 14, 2023

Business Email Compromise (BEC) is a cyber threat that exploits the vulnerabilities of email communication. In business operations, BEC is often used to manipulate individuals within an organization for financial fraud or unauthorized access to sensitive information. What is Business Email Compromise (BEC)?

Email Compromise

Email Compromise Business Email Compromise Compromise Phishing

Email’s Role In Combatting Business Email Compromise

PYMNTS

APRIL 14, 2020

With the business email compromise (BEC) phishing attack a continuously growing threat for businesses large and small, organizations are exploring how strategic cybersecurity investments can protect them when bad actors attempt to steal company cash or redirect business payments. Filtering The Inbox. The Burden Of Responsibility.

Email Compromise

Email Compromise Compromise Business Email Compromise Phishing

Report: Email Variants Keep BEC Fraud Humming Along

PYMNTS

JULY 1, 2019

As noted in a report by FireEye, the bad guys are continuing to leverage a tactic known as business email compromise (BEC), where that method of communication seeks to impersonate persons of authority from within a firm, or alternatively, legitimate business partners, to requests funds be sent to accounts (and then of course, pilfered).

Business Email Compromise

Business Email Compromise Phishing Email Compromise Credential

Scammers Prove Corporate Payments Fraud Comes In All Shapes And Sizes

PYMNTS

DECEMBER 7, 2020

Business email compromise (BEC) scams continue to ravage company coffers. Just last week, IBM cybersecurity experts uncovered a widespread BEC attack targeting players in the coronavirus vaccine supply chain. But the BEC scam is not the only kind of business payments fraud plaguing firms today.

Business Email Compromise

Business Email Compromise Scams Crime Email Compromise

Phishing Scam Masquerades As Square To Target Businesses

PYMNTS

JULY 30, 2018

A phishing scam making the rounds and targeting businesses is using the Square name to fool its targets. Last year, small business accounting company MYOB had its name used by phishing scammers who targeted small businesses. While there are several versions of the email, they all include the Square logo, according to reports.

Phishing

Phishing Scams Business Email Compromise Email Compromise

BEC Targets BSA Officials At Credit Unions

PYMNTS

FEBRUARY 15, 2019

To that end, phishing attacks, more commonly known as business email compromises (BECs), have been aimed at Bank Secrecy Act (BSA) officials at credit unions. Department of the Treasury ’s Financial Crimes Enforcement Network (FinCEN) has known about the BEC, and has cautioned against opening such phishing emails.

BSA

BSA Credit Union Business Email Compromise Office of the Comptroller of the Currency

Report: BEC Fraud Increasingly Goes Mobile

PYMNTS

MARCH 21, 2019

As researchers at Agari reported, business email compromise (BEC) attacks have been going mobile. As noted in other BEC scams, often the criminal impersonates an executive with the company. The Agari research found that the BEC scams play out similarly to gift card scams. phone number.

Business Email Compromise

Business Email Compromise Scams Email Compromise Compromise

Why fraud is spiking in business email payments

Payments Source

JUNE 28, 2018

Payments fraud from business email compromise, or BEC, occurs when scammers use phishing tricks and email to fool businesses into making fraudulent payments to perceived suppliers. Experts suggest newer factors are accelerating the trend.

Email Compromise

Email Compromise Business Email Compromise Phishing Compromise

BEC Fraudsters Eye HR Departments As Prey

PYMNTS

APRIL 12, 2019

Thus, business email compromise fraud (BEC) is evolving too. As reported in darkreading.com, the gangs using BEC – new gangs and seasoned gangs – have recently been targeting human resource and finance professionals to grab direct deposit payroll information to siphon off funds.

Business Email Compromise

Business Email Compromise AFP ACH Email Compromise

Tax Season Adds Extra Fraud Weight For SMBs

PYMNTS

FEBRUARY 24, 2020

In a new report from ProofPoint , researchers warned that any businesses with the word “tax” in its domain is at risk of being spoofed by phishing attackers targeting small to medium-sized businesses (SMBs). 75,000 is the average loss of a BEC scam , new data from the FBI has revealed. Tax season is upon U.S.

Business Email Compromise

Business Email Compromise Scams Email Compromise Phishing

SMBs Severely Underestimate Data Breach Costs

PYMNTS

SEPTEMBER 21, 2019

Information on phishing email or BEC scam campaigns, for instance, can be shared to help small businesses protect themselves before an attack occurs. 20 percent of Business Email Compromise scams request payroll diversions new data from the Anti-Phishing Working Group (APWG) revealed in a report published last week.

Data Breach

Data Breach Breach Small Business Business Email Compromise

New Cyberattacks Surface To Steal Corporate Funds

PYMNTS

APRIL 4, 2019

Meanwhile, instances of the Business Email Compromise (BEC) are also on the rise: About 47 percent of all incidents examined last year were the result of a hack or malware — and, of those, about half were BEC scams. Through the spear phishing campaign, an unwilling employee inputs those credentials for the criminal.

Ransomware

Ransomware Phishing Direct Deposit Business Email Compromise

FBI, BBB Sound Another Business Email Compromise Alarm

PYMNTS

SEPTEMBER 30, 2019

The FBI has been vocal in recent years about the growing threat and subsequent damages linked to the Business Email Compromise (BEC) scam, which targets accounts payable departments in an attempt to steal company cash. The operation also reportedly led to the recovery of about $118 million in fraudulent wire transfers linked to BEC scams.

Email Compromise

Email Compromise FBI Compromise Business Email Compromise

Cyberattackers Go Global To Steal Company Cash

PYMNTS

SEPTEMBER 8, 2020

. $80,000 is now the average amount phishers demand from their business email compromise targets , according to new research from the Anti-Phishing Working Group (APWG) in its second-quarter 2020 Phishing Activity Trends Report. The average sought in a BEC scam is up from $54,000 in the first quarter of the year. $1

Business Email Compromise

Business Email Compromise Ransomware Payee Overlay Service

Google And Facebook Scammed Out Of $100M

PYMNTS

MAY 1, 2017

Phishing attacks can happen to even the most vigilant among us. The DoJ alleges that the man, Evaldas Rimašauskas, used a business email compromise (BEC) scam to trick Facebook and Google into paying fake invoices, impersonating manufacturer Quanta Computer. BEC fraud has been on the rise across the globe. Kim, in a statement.

Scams

Scams Business Email Compromise Email Compromise Identity Theft

What Are the Risks of Business Email Compromise & How Can You Prevent Them?

Seon

JUNE 15, 2023

Business email compromise (BEC) attacks can be a major risk to businesses’ finances and reputations. The report states that these victims mostly lost their money to BEC scams. The report states that these victims mostly lost their money to BEC scams. The most damaging form of BEC is account takeover (ATO) attacks.

Email Compromise

Email Compromise Compromise Business Email Compromise Risk

Scammers Love Bitcoin, But Consumers Aren’t So Enthusiastic

PYMNTS

OCTOBER 7, 2020

The Financial Crimes Enforcement Network recently issued a warning that fraudsters are leveraging various illicit methods, including malware, phishing schemes, extortion and business email compromise (BEC) scams — all with a COVID-19 twist.

Bitcoin

Bitcoin Consumer Cryptocurrency Scams

Hacker Tracker: Identity Fraud On The Rise

PYMNTS

MAY 12, 2017

. …………… Here are other top cybersecurity stories that made headlines this past week: One Million Gmail Users Affected By Google Docs Phishing Scam. percent of total users) were affected by an email phishing scam. Late last week, approximately one million Gmail users (or about 0.1 billion across organizations.

Business Email Compromise

Business Email Compromise ATM Phishing FBI

Organizations' Fraud Threats Rise This Holiday Season

PYMNTS

DECEMBER 8, 2020

According to cybersecurity experts, email scams rise during the holidays, with business email compromise (BEC) an especially concerning scam. The FBI also noted that this scam can often be coupled with other types of fraud, sometimes coming in the form of BEC in which a scammer requests a wire transfer or other payment be made.

FBI

FBI Business Email Compromise Scams Mitigation

Financial Crime-Fighters Turning The Tide Of COVID-Era Fraud

PYMNTS

SEPTEMBER 28, 2020

The Financial Crimes Enforcement Network (FinCEN) recently issued a warning that fraudsters are leveraging various illicit methods, including malware, phishing schemes, extortion and business email compromise (BEC) scams, all with a COVID-19 twist.

Financial Crimes

Financial Crimes Crime Due Diligence Federal Trade Commission

Lull Hits B2B FinTech Venture Capital Funding

PYMNTS

MARCH 6, 2020

In addition to providing cybersecurity services, the company’s technology could prove important for businesses and governments facing a surging threat of Business Email Compromise (BEC) and other social engineering and phishing scams flowing in via their email platforms. Chqbook.com.

B2B

B2B FinTech MSPS Email Compromise

AP Automation Combats COVID Scams

PYMNTS

APRIL 21, 2020

Business email compromise (BEC), B2B phishing scams, synthetic identities, fake accounts and trillions of aid dollars flooding out at a time of maximum uncertainty make this a fraudster’s paradise.

Scams

Scams Automation Phishing Email Compromise

Earnings Season Looms As Multi-Week Fizzle

PYMNTS

JULY 5, 2019

BEC: Fraudsters are leveraging variants in business email compromise (BEC) fraud, finding new ways to siphon off money from corporates. FireEye finds that there was a 26 percent boost quarter over quarter in malicious emails that sought to bring users to phishing sites and spoofed major brands.

Business Email Compromise

Business Email Compromise Email Compromise Phishing Database

Facebook Tracker: Anticipation

PYMNTS

MAY 2, 2017

In other news of note from the Facebook space, it recently came to light that the social media giant, along with Google, were the heretofore unnamed victims of a combined $100 million phishing attack earlier this year. Research from Proofpoint found a 45 percent spike in BEC attacks in the last quarter of 2016 compared to Q3.

Business Email Compromise

Business Email Compromise Email Compromise Scams Phishing

Study: Financial Pressure Makes CFOs Prone To Fraud

PYMNTS

FEBRUARY 20, 2020

In other corporate fraud news , phishing defense firm Agari has concluded an investigation on one of the largest fraud perpetrators in a long time: Exaggerated Lion. If a CFO had accounting experience, though, as opposed to banking or finance, they were more likely to blow the whistle, the study found.

Romance Scams

Romance Scams Email Compromise Business Email Compromise Phishing

SEC Warns Cos To Prioritize Cybersecurity

PYMNTS

OCTOBER 17, 2018

The SEC’s investigations focused on “business email compromises” (BECs), where criminals posed as company executives or vendors and used emails to trick employees into sending large sums to fraudulent bank accounts. The activity sometimes lasted months and was often only discovered after law enforcement or other third parties got involved.

Cybersecurity

Cybersecurity Email Compromise Law Enforcement Business Email Compromise

Anomali Identifies Scam To Steal Gov’t Procurement Site Credentials

PYMNTS

DECEMBER 17, 2019

Spoofed phishing site domains are hosted in Turkey and Romania. Hackers spy on the email correspondents and they then use that data to write emails at strategic times, asking for an invoice payment, which is a sophisticated iteration of the business email compromise (BEC) scam that is “particularly hard to spot,” Agari noted.

Credential

Credential Scams Email Compromise Business Email Compromise

Facebook, Alphabet Scammer To Serve Five Years In Prison

PYMNTS

DECEMBER 20, 2019

They engaged in a phishing scheme, sending emails to employees and agents of the companies, seeking outstanding bills and asking the companies to send money to accounts in Latvia and Cyprus that Rimasauskas operated, according to U.S. federal prosecutors. In 2017, Rimasauskas was arrested in Lithuania and extradited to the U.S.

Law Enforcement

Law Enforcement Phishing Wire Transfer Scams

Businesses Urged Not To Pay Ransom To Cyberattackers

PYMNTS

SEPTEMBER 13, 2018

Issues like phishing and the Business Email Compromise (BEC) are top concerns, yet ransomware cannot be ignored as a destructive force. Nearly half of the small businesses surveyed by Hiscox last year said they had been targeted by at least one cyberattack, while 44 percent said they were hit by between two and four attacks.

Ransomware

Ransomware MSPS Disaster Recovery Cybersecurity

Mastercard Cybersecurity Toolkit Sheds Light On SMB Education Gap

PYMNTS

FEBRUARY 20, 2019

Citing 2018 data from Verizon, Mastercard noted research that suggested the majority of cyberattacks are actually targeted at SMBs, ranging from phishing scams and the Business Email Compromise (BEC) to malware and ransomware attacks. In a press release on Tuesday (Feb.

Cybersecurity

Cybersecurity Visa Data Breach Small Business

From The Phone To Email: How Scammers Hit SMBs

PYMNTS

OCTOBER 15, 2018

It’s a twist on the business email compromise (BEC) scam that typically involves scammers emailing business owners and seeking payment via wire transfer, ACH or paper check. “No legitimate business or utility will call you and ask you to make a payment using a Green Dot card,” AG Frosh said in a statement.

Ransomware

Ransomware Online and Mobile Banking Small Business Scams

Cybersecurity And Digital Reputation: For SMBs, Two Sides Of The Same Coin

PYMNTS

AUGUST 10, 2018

Those threats are vast, but Womply’s own research has found that most of these attacks are in the form of phishing and business email compromise (BEC) scams. On the other side of this coin is the cybersecurity threats that inevitably come with establishing a digital presence of any kind. ”

Cybersecurity

Cybersecurity Small Business Phishing Email Compromise

From Russia, With Malware: US Charges Hackers In $100M Bank Fraud

PYMNTS

DECEMBER 5, 2019

which is the group of hackers behind the Dridex malware used in phishing email attacks. Yakubets, who also has been known as “aqua,” has been cited as being the leader of Evil Corp., Treasury Department also said that he has provided “direct assistance” to the Russian government, and has ties to that country’s intelligence organization.

Treasury

Treasury Wires Wire Credential

From Russia, with Malware: US Charges Hacking Group Evil Corp. In $100M Bank Fraud

PYMNTS

DECEMBER 5, 2019

which is the group of hackers behind the Dridex malware used in phishing email attacks. Yakubets, who also has been known as “aqua,” has been cited as being the leader of Evil Corp., Treasury Department also said that he has provided “direct assistance” to the Russian government, and has ties to that country’s intelligence organization.

Treasury

Treasury Wires Wire Credential

Cyberattackers Turn To Payments Fraud, Ransomware As Tech Firms Fight Back

PYMNTS

OCTOBER 5, 2020

As businesses fall victim to cyberattacks, new data is rolling out to show the prevalence of these incidents — and the scope of efforts by tech firms to help keep businesses safe.

Ransomware

Ransomware AFP Breach Payments

Reopening: The Tech-Enabled Office In A Post-Covid World

CB Insights

JULY 23, 2020

Business email compromise (BEC), where attackers impersonate a corporate email address to fraudulently redirect funds, continues to be one of the most common forms of cyberattacks and takes on several forms. New variations of BEC have emerged during the pandemic. Source: Abnormal Security.

Posting

Posting Cybersecurity Returns Online and Mobile Banking

Harry Potter And The Credit Card Scam?

PYMNTS

DECEMBER 7, 2018

The scope of the scam comes courtesy of cyber threat detection firm Agari, which has said the group, London Blue, seeks to ply its trade through the business email compromise (BEC) effort. Doing so gives it the attack volume of a mass spam campaign, but with the target-specific customization of spear-phishing attacks.”

Scams

Scams Credit Cards Email Compromise Business Email Compromise

Businesses Re-Evaluate Web Security After Attacks On US Government Sites

PYMNTS

DECEMBER 14, 2020

Security experts have advised individuals to be extra vigilant during the busy holiday shopping season, and also warned corporate users working remotely to be aware of a rise in business email compromise (BEC) scams that target players in the COVID-19 vaccine supply chain.

Governance

Governance Government Security Cybersecurity

Adversary-in-the-middle fraud: A growing concern for payments providers in 2025

The Payments Association

FEBRUARY 17, 2025

AiTM attacks work by intercepting communication between a user and a legitimate service through phishing techniques. In an AiTM attack, the attacker typically sends a phishing email with a link that directs the victim to a fake login page (redirector or AiTM phishing page) designed to look like a legitimate service.

Phishing

Phishing Multifactor Authentication Authentication Credential

Invoice Fraud Strikes Amazon In $19M Scam

Why The Data Breach Decline Is Bad News For Businesses

Fraudsters Try New Spins On The BEC Scam

Webinars

The Big Spike In ‘CEO Fraud’

KnowBe4 Phishing Tool Looks To Take Down CEO Fraud

What is Business Email Compromise (BEC)?

Email’s Role In Combatting Business Email Compromise

Report: Email Variants Keep BEC Fraud Humming Along

Scammers Prove Corporate Payments Fraud Comes In All Shapes And Sizes

Phishing Scam Masquerades As Square To Target Businesses

BEC Targets BSA Officials At Credit Unions

Report: BEC Fraud Increasingly Goes Mobile

Why fraud is spiking in business email payments

BEC Fraudsters Eye HR Departments As Prey

Tax Season Adds Extra Fraud Weight For SMBs

SMBs Severely Underestimate Data Breach Costs

New Cyberattacks Surface To Steal Corporate Funds

FBI, BBB Sound Another Business Email Compromise Alarm

Cyberattackers Go Global To Steal Company Cash

Google And Facebook Scammed Out Of $100M

What Are the Risks of Business Email Compromise & How Can You Prevent Them?

Scammers Love Bitcoin, But Consumers Aren’t So Enthusiastic

Hacker Tracker: Identity Fraud On The Rise

Organizations' Fraud Threats Rise This Holiday Season

Financial Crime-Fighters Turning The Tide Of COVID-Era Fraud

Lull Hits B2B FinTech Venture Capital Funding

AP Automation Combats COVID Scams

Earnings Season Looms As Multi-Week Fizzle

Facebook Tracker: Anticipation

Study: Financial Pressure Makes CFOs Prone To Fraud

SEC Warns Cos To Prioritize Cybersecurity

Anomali Identifies Scam To Steal Gov’t Procurement Site Credentials

Facebook, Alphabet Scammer To Serve Five Years In Prison

Businesses Urged Not To Pay Ransom To Cyberattackers

Mastercard Cybersecurity Toolkit Sheds Light On SMB Education Gap

From The Phone To Email: How Scammers Hit SMBs

Cybersecurity And Digital Reputation: For SMBs, Two Sides Of The Same Coin

From Russia, With Malware: US Charges Hackers In $100M Bank Fraud

From Russia, with Malware: US Charges Hacking Group Evil Corp. In $100M Bank Fraud

Cyberattackers Turn To Payments Fraud, Ransomware As Tech Firms Fight Back

Reopening: The Tech-Enabled Office In A Post-Covid World

Harry Potter And The Credit Card Scam?

Businesses Re-Evaluate Web Security After Attacks On US Government Sites

Adversary-in-the-middle fraud: A growing concern for payments providers in 2025

Stay Connected