PYMNTS

AUGUST 17, 2020

In this week’s Data Digest, PYMNTS rounds up the latest cases and research into how corporates are being targeted with crimes like the business email compromise (BEC) scam, as well as how they’re fighting back. When it comes to fraud threats, no company — large or small — is immune.

Business Email Compromise 94

Business Email Compromise Federal Trade Commission Scams Cybersecurity 94

PYMNTS

AUGUST 24, 2020

The business email compromise (BEC) scam continues to rear its ugly head at the enterprise, with the global pandemic creating even more avenues through which cyber attackers can steal company money. At the heart of BEC and other scams is impersonation.

Deepfake 61

Deepfake Business Email Compromise Scams Multifactor Authentication 61

PYMNTS

OCTOBER 15, 2018

It’s a twist on the business email compromise (BEC) scam that typically involves scammers emailing business owners and seeking payment via wire transfer, ACH or paper check. “No legitimate business or utility will call you and ask you to make a payment using a Green Dot card,” AG Frosh said in a statement.

Ransomware 77

Ransomware Online and Mobile Banking Small Business Scams 77

PYMNTS

JUNE 3, 2020

That’s especially important as criminals seek to use eCommerce to commit what might be termed “authorized fraud” as bad actors get hold of card details or log-in credentials, pose as legitimate account holders and send payments. Authorized fraud also encompasses business email compromise (BEC) scams, too, said Tharle.

Business Email Compromise 71

Business Email Compromise Email Compromise Real Time Payments Authentication 71

PYMNTS

JULY 1, 2019

As noted in a report by FireEye, the bad guys are continuing to leverage a tactic known as business email compromise (BEC), where that method of communication seeks to impersonate persons of authority from within a firm, or alternatively, legitimate business partners, to requests funds be sent to accounts (and then of course, pilfered).

Business Email Compromise 61

Business Email Compromise Phishing Email Compromise Credential 61

PYMNTS

APRIL 26, 2019

Business email compromise (BEC) scams are gaining traction, and bilking unwitting individuals and companies out of an increasing amount of money. Payroll diversion has become a significant form of payments fraud as well — in this case, the bad actors snare login credentials from employees, and change direct deposit information.

Business Email Compromise 57

Business Email Compromise FBI Scams Wires 57

PYMNTS

APRIL 4, 2019

Meanwhile, instances of the Business Email Compromise (BEC) are also on the rise: About 47 percent of all incidents examined last year were the result of a hack or malware — and, of those, about half were BEC scams. Through the spear phishing campaign, an unwilling employee inputs those credentials for the criminal.

Ransomware 63

Ransomware Phishing Direct Deposit Business Email Compromise 63

PYMNTS

APRIL 21, 2020

Business email compromise (BEC), B2B phishing scams, synthetic identities, fake accounts and trillions of aid dollars flooding out at a time of maximum uncertainty make this a fraudster’s paradise. COVID-19 has afforded internet villains what will certainly go down as the greatest cybertheft opportunity of their shadowy lifetimes.

Scams 63

Scams Automation Phishing Email Compromise 63

PYMNTS

AUGUST 8, 2018

Business Email Compromise scams continue to grow and steal more corporate money than ever before. Phishing emails — 93 percent of which include ransomware, according to ITProPortal — should by no means be ignored. Compare that to ransomware, which made up just 11 percent. Attackers then use that malware to access bank accounts.

Ransomware 44

Ransomware Phishing Email Compromise Online and Mobile Banking 44

PYMNTS

AUGUST 30, 2017

It first emerged in March of this year, the company said, and was used mostly to steal online banking information and credentials to infiltrate bank accounts and steal money. Once the user clicks on the PDF file, the computer is infected and finds more email addresses to spread.

Email Compromise 49

Email Compromise Cybersecurity Small Business Consulting 49

PYMNTS

JANUARY 16, 2020

The business email compromise (BEC) scam is a cybersecurity threat to businesses of all sizes, and the financial and security implications of a successful attack aren’t isolated to its target. Attackers also turn to developing fraudulent portals to compromise professionals’ email credentials, for example.

Business Email Compromise 44

Business Email Compromise Security Scams Email Compromise 44

PYMNTS

APRIL 12, 2019

Thus, business email compromise fraud (BEC) is evolving too. Said Adrien Gendre, chief solution architect for Vade Secure, on the site: the email scams “are not isolated, that’s for sure.”.

Business Email Compromise 46

Business Email Compromise AFP ACH Email Compromise 46

PYMNTS

MAY 2, 2019

Twenty-nine percent said payment data was compromised, while nearly one-quarter said proprietary company data was exposed. The report also pointed to data stolen from law firms and cyberattackers’ ability to use that information to obtain employee credentials about pending deals. million business email compromise scam.

Data Breach 55

Data Breach Third Party Vendors Breach Cybersecurity 55

PYMNTS

FEBRUARY 16, 2018

The two were part of a larger group that stole online credentials, personal information and credit and debit card numbers between 2005 and 2012. The business email compromise scam saw an increase of 10 percent during those two years. The two pled guilty in September 2015.

Email Compromise 40

Email Compromise Debit Card Credential Scams 40

PYMNTS

APRIL 5, 2019

The attacks are targeted ones, said Arruda, who noted that hackers don’t usually directly try to hack banks or credit unions, but instead try to get access through the aforementioned email campaigns, where the credentials are stolen and the stolen credentials are leveraged to gain access to the FI.

FBI 50

FBI Credit Union Credential Cybersecurity 50

PYMNTS

JUNE 1, 2017

Take the Business Email Compromise, for example. That’s because cyber attackers aren’t just using automated, malware-first approaches to their crimes anymore. Our data shows 60 percent of the time, a successful attack happens when there is no malware,” he said.

Cybersecurity 55

Cybersecurity Breach Email Compromise Compromise 55

PYMNTS

APRIL 9, 2018

Likewise, cybersecurity tools are limited when stopping other employee behaviors that lead to data breaches, like sending credentials or money to bad actors and fraudulent accounts. IBM warned that some of the most common human errors linked to data breaches involve “basic misjudgment.” To err is human,” IBM said in its report.

Data Breach 49

Data Breach Breach Cybersecurity Phishing 49

PYMNTS

JUNE 23, 2016

For some, like small suppliers, a compromise of sensitive data and credentials can lead to a few hundred or thousand dollars fraudulently obtained from a business client, often via the Business Email Compromise scam. The impact from a data breach on an enterprise can be a mixed bag.

Cybersecurity 40

Cybersecurity Data Breach Assessments Breach 40

PYMNTS

MAY 5, 2017

The compromised Sabre system reports offering seamless connectivity to over 120 property management, 7 revenue management, 7 CRM and 18 content management solutions according to the company’s website. To begin, some 32,000 properties use the travel tech company’s reservation system. But that’s not all.

Breach 45

Breach Business Email Compromise Data Breach Cybersecurity 45

FICO

APRIL 29, 2022

04%), NACHA officials say business email compromise attempts are on the upswing – just as they are across every channel. The short version: Be diligent and vigilant about who you’re giving your personal information and credentials to. ACH volumes in the United States increased 8.7% Check yourself before you wreck yourself.

Retail Payments 52

Retail Payments Zelle Romance Scams Consumer 52

The Payments Association

FEBRUARY 17, 2025

In an AiTM attack, the attacker typically sends a phishing email with a link that directs the victim to a fake login page (redirector or AiTM phishing page) designed to look like a legitimate service. These schemes typically involve: Phishing emails : Crafted to trick users into sharing login credentials.

Phishing 88

Phishing Multifactor Authentication Authentication Credential 88