No menu items!

Microsoft “Average 150,000 business email breaches per day worldwide”

Share This Post

- Advertisement -

Microsoft released the 4th edition of its cyber threat report ‘Cyber ​​Signals’ on the 22nd.

Cyber ​​Signal shares security trends and analysis information collected from 43 trillion Microsoft security signals generated daily and 8,500 security experts. This report outlines the trends in ‘Business Email Compromise’ (BEC) attacks and how organizations can defend against them.

- Advertisement -

The Microsoft Threat Intelligence Digital Crimes team detected and investigated 35 million BEC attempts in one year from April of last year to April of this year. This means that an average of 156,000 BEC attempts occurred per day. The team also observed a 38% increase in cybercriminal as a service (CaaS) targeting business emails last year compared to 2019.

BEC attackers have exploited the daily flood of email traffic and messages. Through this, the victim was induced to provide financial information or unknowingly send money to the account of the money carrier used for the criminal’s fraudulent money transfer.

- Advertisement -

The Microsoft Threat Intelligence Digital Crimes team explained that these threat actors’ BEC attempts took many forms, including phone calls, text messages, emails, and social media (SNS) messages. He added that spoofing authentication request messages or impersonating individuals or companies is also a common tactic.

Threat actors often targeted BECs in specific roles, such as senior executives, financial managers, and human resources staff with access to employee records. Also targeted were new hires who were less likely to verify the trustworthiness of their email requests.

“Cyber ​​risk is a problem that must be addressed in a cross-functional way by each responsible person for IT, compliance and cyber risk, along with business leaders, finance and human resources managers, and the BEC attack illustrates why,” said Basu Jackal, corporate vice president of security at Microsoft. “Companies need to bolster existing defense systems with AI capabilities and anti-phishing, and train employees to recognize warning signs and prevent BEC attacks.”

【Seoul = Newsis】

Source: Donga

- Advertisement -

Related Posts