Microsoft released the 4th edition of its cyber threat report ‘Cyber Signals’ on the 22nd.
Cyber Signal shares security trends and analysis information collected from 43 trillion Microsoft security signals generated daily and 8,500 security experts. This report outlines the trends in ‘Business Email Compromise’ (BEC) attacks and how organizations can defend against them.
The Microsoft Threat Intelligence Digital Crimes team detected and investigated 35 million BEC attempts in one year from April of last year to April of this year. This means that an average of 156,000 BEC attempts occurred per day. The team also observed a 38% increase in cybercriminal as a service (CaaS) targeting business emails last year compared to 2019.
BEC attackers have exploited the daily flood of email traffic and messages. Through this, the victim was induced to provide financial information or unknowingly send money to the account of the money carrier used for the criminal’s fraudulent money transfer.
The Microsoft Threat Intelligence Digital Crimes team explained that these threat actors’ BEC attempts took many forms, including phone calls, text messages, emails, and social media (SNS) messages. He added that spoofing authentication request messages or impersonating individuals or companies is also a common tactic.
Threat actors often targeted BECs in specific roles, such as senior executives, financial managers, and human resources staff with access to employee records. Also targeted were new hires who were less likely to verify the trustworthiness of their email requests.
“Cyber risk is a problem that must be addressed in a cross-functional way by each responsible person for IT, compliance and cyber risk, along with business leaders, finance and human resources managers, and the BEC attack illustrates why,” said Basu Jackal, corporate vice president of security at Microsoft. “Companies need to bolster existing defense systems with AI capabilities and anti-phishing, and train employees to recognize warning signs and prevent BEC attacks.”
【Seoul = Newsis】
Source: Donga
Mark Jones is a world traveler and journalist for News Rebeat. With a curious mind and a love of adventure, Mark brings a unique perspective to the latest global events and provides in-depth and thought-provoking coverage of the world at large.