Vane3alga

Business
Focused
Technology

BEC Group Launches Hundreds of Campaigns

IT360
IT360

A business email compromise (BEC) gang has launched more than 350 attacks against organizations in the US, according to researchers at Abnormal Security. The threat actor, which Abnormal Security tracks as “Firebrick Ostrich,” conducts open-source reconnaissance on their targets in order to construct their scam.

“In contrast to other forms of financial supply chain compromise where an attacker has deep insight into a specific vendor/customer relationship, third-party reconnaissance occurs when an attacker knows that there is a relationship between two organizations but has limited or no knowledge about actual outstanding payments,” the researchers write. “In essence, an attacker in these cases has the necessary context to impersonate a vendor but not enough information to be specific in their payment request.”

Cybercriminal Uses Direct Social Engineering

The threat actor then sends the customer organization an invoice posing as the vendor.

“Once an attacker has collected this information, they will then initiate their attack by impersonating the vendor and emailing the customer, inquiring about a potential outstanding payment,” the researchers write. “Because the attacker doesn’t have specific knowledge about an actual overdue invoice, these initial emails tend to be more general requests—rather than containing specific details that might be found in a traditional vendor email compromise attack.”

In addition, the threat actors can ask the victim to change the vendor’s banking information, so that future payments will be sent to the attackers until the vendor notices they haven’t been paid.

“Instead of requesting payment for a current invoice, another tactic that a threat actor might use is to simply request that a vendor’s stored bank account details be updated so any future payments get redirected to the new account,” the researchers explain. “This tactic is a little more stealthy, as the attacker isn’t requesting an immediate payment—the red flag accounts payable specialists are taught to notice. These attackers are playing a longer game, hoping that a simple request now will result in a payment to their redirected account with the next payment.”

Abnormal Security has the story.

Source: KnowBe4

Success Stories

Principal Owner, Marketing Firm

Bringing IT360 on as our technology services “department” was one of the smartest business decisions we’ve made. Over the years, we’ve tried various similar services and have also hired internal IT staff, and we’ve never felt confident that we were adequately supported. IT360 has changed all that. They not only provide proactive, comprehensive technical support and consulting, they engage with us in a way that feels like they are part of our company…a true business partner.

Principal Owner, Marketing Firm

Recent
Technology News

IT360 News
How AI Can help Accountants During Tax Season By Streamlining Processes and Enhancing Efficiency

What season is it? If your Bugs Bunny, it’s “wabbit” season…for the rest of us, well, it’s TAX SEASON! Tax season brings a wave of stress and pressure for accountants as they navigate numerous financial documents, compliance regulations, and client consultations. The advent of Artificial Intelligence (AI) is revolutionizing the accounting profession by offering innovative […]

Read more
IT 360 News - Successful Automation, Seamless Invoice Processing
Successful Automation, Seamless Invoice Processing

In the fast-paced world of managed IT services, efficiency and accuracy in financial operations are crucial for maintaining client trust and operational effectiveness. IT360 is proud to announce the successful completion of a critical project aimed at streamlining our invoice processing system, addressing a challenge that had been impacting our financial workflows. Problem Overview: IT360 […]

Read more