GenAI Is Powering the Latest Surge in Modern Email Threats

Generative artificial intelligence (GenAI) tools like ChatGPT have extensive business value. They can write content, clean up context, mimic writing styles and tone, and more. But what if bad actors abuse these capabilities to create highly convincing, targeted and automated Read More …

North Carolina: Around £2.1 million has been stolen from the housing agency as the US Secret Service is investigating

It is a little-known clothing firm based out of an anonymous residential street in Scotland’s biggest city, with overflowing bags and boxes of rubbish piled up outside its front door. But a Glasgow company is at the centre of a Read More …

WormGPT, PoisonGPT: How generative AI can become a tool for criminals

A cybersecurity firm discovered a new generative artificial intelligence tool called WormGPT that is being sold to criminals. Another firm created a malicious generative AI tool called PoisonGPT to test how the technology can be used to intentionally spread fake Read More …

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

Microsoft Defender Experts uncovered a multi-stage adversary-in-the-middle (AiTM) phishing and business email compromise (BEC) attack against banking and financial services organizations. The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and follow-on BEC Read More …

Cyber Signals: Shifting tactics fuel surge in business email compromise

Today Microsoft released the fourth edition of Cyber Signals highlighting a surge in cybercriminal activity around business email compromise (BEC). Microsoft has observed a 38 percent increase in cybercrime as a service (CaaS) targeting business email between 2019 and 2022. Read More …

Business Email Compromise Tactics Used to Facilitate the Acquisition of Commodities and Defrauding Vendors

The FBI warns the public of criminal actors using Business Email Compromise (BEC) schemes to facilitate the acquisition of a wide range of commodities. BEC is one of the most financially damaging online crimes. It exploits the fact that so Read More …

What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits

In September 2022, Trend Micro researchers observed a new potential BEC campaign that was targeting large companies around the world which we believe has been running since April 2022. By carefully selecting their target victims and leveraging open-source tools, the Read More …

FBI: Criminal Actors Use Business Email Compromise to Steal Large Shipments of Food Products and Ingredients

The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are releasing this joint Cybersecurity Advisory (CSA) to advise the Food & Agriculture sector about recently Read More …

The benefits of taking an intent-based approach to detecting Business Email Compromise 

Business email compromise (BEC) is one of the most financially damaging online crimes. As per the internet crime 221 report, the total loss in 2021 due to BEC is around 2.4 billion dollars. Since 2013, BEC has resulted in a Read More …

BEC attacks: Most victims aren’t using multi-factor authentication – apply it now and stay safe

There has been a big rise in Business Email Compromise (BEC) attacks – and most victims work at organisations which weren’t using multi-factor authentication (MFA) to secure their accounts. BEC attacks are one of the most lucrative forms of cyber Read More …