Business email compromise (BEC) attacks continue to be a thorn in companies’ sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019.
Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitalize on existing victims. For instance, a cybercriminal gang that researchers call “Exaggerated Lion” has been making use of G Suite and extremely long domain names to swindle millions of dollars out of its victims.
Crane Hassold, senior director of research with Agari, talks to Threatpost at RSA 2020 about how BEC scams are becoming more dangerous and trickier to detect.
Check out more Threatpost in-depth interviews here, and be sure to subscribe to Threatpost’s YouTube channel to stay updated on the latest videos.
Concerned about the IoT security challenges businesses face as more connected devices run our enterprises, drive our manufacturing lines, track and deliver healthcare to patients, and more? On June 3 at 2 p.m. ET, join renowned security technologist Bruce Schneier, Armis CISO Curtis Simpson and Threatpost for a FREE webinar, Taming the Unmanaged and IoT Device Tsunami. Get exclusive insights on how to manage this new and growing attack surface. Please register here for this sponsored webinar.
