#BEC – Xynik

Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks

October 9, 2024 by Xynik

October 9, 2024 at 01:03AM Microsoft warns of cyber attack campaigns exploiting file hosting services like SharePoint and OneDrive. These attacks aim to compromise identities and conduct business email compromise (BEC) fraud. Phishing tactics include using view-only files requiring OTP authentication, leading to credential theft through adversary-in-the-middle (AitM) phishing pages. ### Meeting Takeaways – Oct … Read more

Police take just 2 days to recover $40M stolen in business email scam

August 7, 2024 by Xynik

August 7, 2024 at 07:37AM Interpol recovered over $40 million in a recent business email compromise heist within two days of the crime. The victim company was scammed into sending funds to a fake supplier account in Timor-Leste. With the assistance of local police, $39 million was intercepted, and seven arrests made. Despite this, the … Read more

‘ONNX’ MFA Bypass Targets Microsoft 365 Accounts

June 19, 2024 by Xynik

June 19, 2024 at 01:29PM A phishing-as-a-service operation is targeting financial firms using advanced tactics such as 2FA bypass, QR codes, and typosquatting to compromise Microsoft 365 accounts. The origin of the campaign was traced to a platform called ONNX Store, which operates through Telegram bots. Countermeasures include blocking unverified PDF and HTML attachments, implementing … Read more

DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks

June 4, 2024 by Xynik

June 4, 2024 at 03:00AM The DarkGate malware-as-a-service (MaaS) operation has shifted to using an AutoHotkey mechanism for delivering its final stages, underscoring ongoing efforts to evade detection. Developed by RastaFarEye, it includes remote access trojan (RAT) capabilities and various malicious modules. Cyber criminals have been found abusing Docusign for phishing and business email compromise … Read more

FBI: Critical infrastructure menaced by spike in ransomware

March 6, 2024 by Xynik

March 6, 2024 at 03:55PM The FBI’s 2023 Internet Crime Complaint Center (IC3) report reveals over $12.5 billion in digital crime losses. With 880,418 complaints, representing a 10 percent increase, the monetary loss rose by 22 percent. Notably, only 15 percent of fraud victims report crimes, and ransomware infections and investment scams were prominent, with … Read more

Money-grubbing crooks abuse OAuth – and baffling absence of MFA – to do financial crimes

December 14, 2023 by Xynik

December 14, 2023 at 06:07AM Miscreants are using OAuth to automate financially motivated cyber crimes, such as BEC, phishing, and deploying virtual machines for crypto mining, as highlighted by Microsoft. These criminals leverage compromised accounts to create OAuth applications and manipulate user permissions. Microsoft suggests monitoring Azure audit logs for illicit mining activities and enabling … Read more