Workers prepare a presentation of advanced e-mail the day before the CeBIT technology trade. New research found that business email compromise (BEC) attacks focused on invoice or payment fraud and targeting group mailboxes increased 212 percent from second to third quarter. (Photo by Sean Gallup/Getty Images)
New research found that business email compromise (BEC) attacks focused on invoice or payment fraud and targeting group mailboxes increased 212 percent from second to third quarter.
While invoice and payment fraud attacks on the c-suite are still prevalent, the sharp rise in attacks on group email boxes was significant because it pointed to a new favorite attack vector.
“Sending to group email boxes is a great way for attackers to gain credibility,” said Ken Liao, vice president of cybersecurity strategy at Abnormal Security, which posted its third quarter BEC report today. “The attackers can send the email around and once colleagues see that one or two of their coworkers have responded they are more likely to click. It’s also a good line of attack because you don’t need to get to the CFO or c-suite to get an invoice approved.”
The report also found that Q3 was marked by a 155 percent overall increase in invoice and payment fraud BEC attacks across the eight industries studied. Liao said while this trend was particularly notable for the retail-consumer goods and manufacturing sector, it was als ..
Support the originator by clicking the read the rest link below.
