FBI reveals BEC attacks pilfered $2.3bn from US companies

Discussion in 'other security issues & news' started by Minimalist, Apr 9, 2016.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,089
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,055
    Location:
    The Netherlands
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,089
    Employee gets email requesting transaction of money to another account. Email seems to come from their boss (email address similar to their boss'). So they transfer the money thinking it is a legit payment (let's say paying an invoice from their supplier). Please explain me how HIPS / anti-loggers can help here.
     
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Actual this is about corporate IT security training. Of course, security and training have always been on the bottom of most corps. budget criteria.

    It does show however, the deplorable current state of most e-mail security scanning software. For a developer wanting to make a bundle, this is where I would concentrate my resources.
     
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,089
    Yes, it's mostly about training, always double-checking info about payments delivered through email and similar. Install and forget solutions IMO won't work here.
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,055
    Location:
    The Netherlands
    It depends on the type of attack. The most simple attacks work like the way you described, but the more advanced ones are using malware like the HawkEye trojan to infiltrate corporate networks, in order to increase the chance of a successful attack. That's why I said that both user education and security tools are needed.
     
  7. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,089
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,089
  9. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
Loading...