The damage from executive email account takeovers can run into millions of dollars, as recent examples show.
In 2019, Toyota Boshoku Corporation lost $37 million after the information in a payment direction from a third-party was changed, sending millions to the fraudsters. The recent SolarWinds attack was bad enough, and now Nobelium, the group responsible, has since launched a campaign of email attacks appearing to originate from USAID after its Constant Contact email account was compromised.
[ Learn 8 types of phishing attacks and how to identify them and how BEC attacks take phishing to the next level. | Sign up for CSO newsletters. ]Recently, Microsoft 365 Defender researchers disrupted an attack against infrastructure hosted in multiple web services after a phishing attack on a cloud provider netted stolen credentials that were used to access target mailboxes.
To read this article in full, please click here
Support the originator by clicking the read the rest link below.
