BEC Scam Targets Executives' Office 365 Accounts

BEC Scam Targets Executives' Office 365 Accounts
Trend Micro: 'Water Nue' Payment Fraud Campaign Has Targeted 1,000 Companies Since March Chinmay Rautmare (@crautmare) • August 10, 2020     This illustration shows how the Water Nue BEC scam targets Office 365 credentials. (Source: Trend Micro)

A recently uncovered business email compromise scam has targeted the Office 365 accounts of business executives at over 1,000 companies worldwide, collecting more than 800 sets of credentials in an attempt to commit payment fraud, according to the security firm Trend Micro.


See Also: How To Cut Through The Web Of Insurance Fraud


The group behind the campaign, which Trend Micro researchers call "Water Nue," is not technically sophisticated, but the fraudsters appear extremely proficient. Since March, the gang apparently has targeted companies worldwide with spear-phishing attacks, according to the Trend Micro report.


The goal of this scam is to capture the Office 365 credentials of executives, especially those working in finance, and then create phony documents and invoices that are sent to lower-level employees, according to the report. Payments made for the fake invoices are transferred to the fraudsters' accounts, the researchers say.


"We first noticed the campaign from a large group of email domains used in phishing attempts. We found that most of the recipients hold high corporate positions, particularly in the finance department," the Trend Micro report notes.


The campaign is continuing, with the gang switching its infrastructure and domains if their phishing emails or websites are blacklisted, according to the report.


Lucrative Scams


Over the last several years, BEC scams have become an increasingly lucr ..

Support the originator by clicking the read the rest link below.