Hack Of C-Suite Email Addresses Portends Surge In BEC Fraud – pymnts.com


A hacker is reportedly selling information from hundreds of C-suite executives’ Microsoft-based email accounts, according to a report from Engadget.

The targets spanned CEOs, vice presidents and directors, and included “the chief of a mid-sized American software company, the president of a U.S. apparel maker and the CFO of a European retail chain,” according to Engadget.

The accounts went on the market at a limited-access forum in the Russian underground. They’ve been selling for $100 to $1,500 based on the value, and threat intelligence experts note that the accounts might have been accessed via a data-stealing mechanism called AzorUlt, which works by buying data from computers infected by the program.

One source, writing for ZDNet, claimed to have confirmed the authenticity of at least two such accounts, although the Engadget report notes that it was unable to verify this for every victim. The ZDNet tipster has also gone about notifying others whose account information is known to have leaked.

The theft, if successful, could have hurt both executives and workers, and could be used in the future for a wide range of scams targeting companies by posing as leaders and scamming people into sending money. The accounts could also be used for blackmail, and intruders could be used to undermine email-based two-factor authentication, the Engadget report says.

Cyber attacks have increased in scope and volume since the pandemic, with fraudsters taking advantage of the mass confusion and quick digital shift to prey on victims.

READ  Guild Education Promotes Top Female Executives to Roles of Chief Technology Officer, Chief Experience Officer & Head of Platform - PRNewswire

Securities and Exchange Commission (SEC) Chairman Jay Clayton, speaking on CNBC, said businesses need to be more aware of the threats posed to their companies from attacks. The SEC put out various alerts over the entirety of the pandemic on the danger of the attacks, warning various sizes of businesses about ransomware attacks affecting broker dealers and investment advisors as well as credential compromises taking peoples’ login information and exposing private information.

——————————

NEW PYMNTS STUDY: ACCELERATING THE REAL-TIME PAYMENTS DEMAND CURVE – NOVEMBER 2020

About: Accelerating The Real-Time Payments Demand Curve:What Banks Need To Know About What Consumers Want And Need, PYMNTS  examines consumers’ understanding of real-time payments and the methods they use for different types of payments. The report explores consumers’ interest in real-time payments and their willingness to switch to financial institutions that offer such capabilities.





READ SOURCE

LEAVE A REPLY

Please enter your comment!
Please enter your name here