BEC scams - Security Ticks

EvilTokens ramps up device code phishing targeting Microsoft 365 users

account hijacking, BEC scams, Don't miss, financial industry, Hot stuff, Human Resources, Microsoft 365, Mnemonic, News, phishing, Sekoia.io, social engineering, transportation / SecurityTicks

EvilTokens ramps up device code phishing targeting Microsoft 365 users 2026-03-31 at 17:56 By Zeljka Zorz Security researchers report a notable increase in device code phishing activity aimed at Microsoft 365 users, and have attributed this rise to the availability of EvilTokens, a new, specialized phishing toolkit that’s being offered as-a-service via Telegram. What is […]

EvilTokens ramps up device code phishing targeting Microsoft 365 users Read More »

Clipping Scripted Sparrow’s wings: Tracking a global phishing ring

BEC scams, cybersecurity, Don't miss, Email, Expert analysis, Expert corner, Fortra, News, opinion, phishing / SecurityTicks

Clipping Scripted Sparrow’s wings: Tracking a global phishing ring 2025-12-18 at 16:12 By Help Net Security Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group carries out well-crafted highly targeted phishing campaigns that masquerade as professional services firms

Clipping Scripted Sparrow’s wings: Tracking a global phishing ring Read More »

Cybercriminals are getting personal, and it’s working

BEC scams, cybercriminals, email security, News, phishing, VIPRE Security / SecurityTicks

Cybercriminals are getting personal, and it’s working 2025-08-07 at 09:15 By Help Net Security Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or obfuscated deployments, according to VIPRE Security. These phishing kits can’t easily be reverse-engineered, tracked, or caught. AI makes them

Cybercriminals are getting personal, and it’s working Read More »

Property renters targeted in simple BEC scam

BEC scams, Don't miss, France, Hot stuff, News, phishing, Proofpoint, social engineering / SecurityTicks

Property renters targeted in simple BEC scam 2025-04-30 at 14:32 By Zeljka Zorz Emails purportedly sent by rental property management firms are being used to steal money from people in France and Canada, Proofpoint researchers have warned. A BEC scam preying on renters “Most campaigns are sent from compromised mailboxes belonging to educational institutions in

Property renters targeted in simple BEC scam Read More »

Evolving cybercriminal tactics targeting SMBs

BEC scams, cybercrime, Don't miss, Hot stuff, Todyl, Video / SecurityTicks

Evolving cybercriminal tactics targeting SMBs 2024-10-21 at 07:01 By Help Net Security A recent Todyl report revealed a 558% increase in BEC (Business Email Compromise), AiTM (Adversary-in-the-Middle), and ATO (Account Takeover) attacks in 2024. In this Help Net Security video, David Langlands, Chief Security Officer at Todyl, discusses these evolving cyber threats. Here are the

Evolving cybercriminal tactics targeting SMBs Read More »

Losses due to cryptocurrency and BEC scams are soaring

BEC scams, Cryptocurrency, Don't miss, FBI, fraud, Hot stuff, News / SecurityTicks

Losses due to cryptocurrency and BEC scams are soaring 2024-09-12 at 14:01 By Zeljka Zorz Every type of fraud is on the rise, and 2023 was a particularly devastating year for victims of cryptocurrency and business email compromise (BEC) scams, according to the FBI. Cryptocurrency fraud Based on complaints filed to FBI’s Internet Crime Complaint

Losses due to cryptocurrency and BEC scams are soaring Read More »

Cybercriminals exploit file sharing services to advance phishing attacks

Abnormal Security, attacks, BEC scams, cybercrime, cybersecurity, News, phishing, report, survey / SecurityTicks

Cybercriminals exploit file sharing services to advance phishing attacks 2024-08-20 at 06:01 By Help Net Security Threat actors use popular file-hosting or e-signature solutions as a disguise to manipulate their targets into revealing private information or downloading malware, according to Abnormal Security. A file-sharing phishing attack is a unique type of phishing threat in which

Cybercriminals exploit file sharing services to advance phishing attacks Read More »

Scammers dupe chemical company into wiring $60 million

BEC scams, Don't miss, Europe, fraud, Hot stuff, manufacturing sector, News, USA / SecurityTicks

Scammers dupe chemical company into wiring $60 million 2024-08-13 at 16:46 By Zeljka Zorz Orion S.A., a global chemical company with headquarters in Luxembourg, has become a victim of fraud: it lost approximately $60 million through “multiple fraudulently induced outbound wire transfers to accounts controlled by unknown third parties.” The scammers targeted an employee Orion

Scammers dupe chemical company into wiring $60 million Read More »

The changes in the cyber threat landscape in the last 12 months

Artificial Intelligence, BEC scams, cybercrime, cybercriminals, dark web, Don't miss, EU, Europol, extortion, fraud, Hot stuff, News, phishing, Ransomware, sextortion / SecurityTicks

The changes in the cyber threat landscape in the last 12 months 2024-07-23 at 14:31 By Zeljka Zorz When it comes to the cyber threat landscape, change is the only constant: the inevitable interplay between cybercriminals and law enforcement agencies makes it inevitable. Europol’s recently released Internet Organised Crime Threat Assessment (IOCTA) 2024 report covers

The changes in the cyber threat landscape in the last 12 months Read More »

Strategies for combating AI-enhanced BEC attacks

access management, Artificial Intelligence, BEC scams, credentials, cybercrime, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, remote working, scams, strategy, TeamViewer / SecurityTicks

Strategies for combating AI-enhanced BEC attacks 2024-05-21 at 07:31 By Mirko Zorz In this Help Net Security interview, Robert Haist, CISO at TeamViewer, discusses how AI is being leveraged by cybercriminals to enhance the effectiveness of BEC scams. How is AI being leveraged by cybercriminals to enhance the effectiveness of BEC scams? BEC attacks are

Strategies for combating AI-enhanced BEC attacks Read More »

56% of cyber insurance claims originate in the email inbox

BEC scams, Coalition, cybersecurity, email security, firewall, Insurance, News, Ransomware, report, survey, VPN / SecurityTicks

56% of cyber insurance claims originate in the email inbox 2024-04-25 at 13:01 By Help Net Security 56% of all 2023 claims were a result of funds transfer fraud (FTF) or business email compromise (BEC), highlighting the importance of email security as a critical aspect of cyber risk management, according to Coalition. The 2024 Cyber

56% of cyber insurance claims originate in the email inbox Read More »

How CISOs tackle business payment fraud

Artificial Intelligence, BEC scams, CISO, cybersecurity, Don't miss, Email, fraud, Hot stuff, supply chain, Trustmi, Video / SecurityTicks

How CISOs tackle business payment fraud 2024-03-28 at 07:01 By Help Net Security In this Help Net Security video, Shai Gabay, CEO of Trustmi, discusses why payments are a source of cyber worry for CISOs. CISOs are worried about Business Email Compromise (BEC), cyber attackers’ use of AI, and securing the supply chain. These are

How CISOs tackle business payment fraud Read More »

Email security trends in the energy and infrastructure sector

Abnormal Security, attacks, BEC scams, critical infrastructure, cybersecurity, Don't miss, Email, email security, energy sector, Hot stuff, risk, Video / SecurityTicks

Email security trends in the energy and infrastructure sector 2024-03-11 at 09:07 By Help Net Security In this Help Net Security video, Mike Britton, CISO at Abnormal Security, discusses how energy and infrastructure organizations face an increased risk of business email compromise and vendor email compromise attacks. According to Abnormal Security data, from February 2023

Email security trends in the energy and infrastructure sector Read More »

European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack

BEC scams, cybercrime, Don't miss, EU, Hot stuff, News, phishing / SecurityTicks

European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack 2024-02-28 at 16:34 By Zeljka Zorz Pepco Group has confirmed that its Hungarian business has been hit by a “sophisticated fraudulent phishing attack.” The European company, which operates shops under the Pepco, Poundland and Dealz brands, said that the company lost approximately €15.5 million

European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack Read More »

Understanding employees’ motivations behind risky actions

Artificial Intelligence, BEC scams, cybersecurity, News, phishing, Proofpoint, Ransomware, report, risk, security awareness, training / SecurityTicks

Understanding employees’ motivations behind risky actions 2024-02-28 at 07:31 By Help Net Security More 68% of employees knowingly put their organizations at risk, potentially leading to ransomware or malware infections, data breaches, or financial loss, according to Proofpoint. Perception on security responsibility And while the incidence of successful phishing attacks has slightly declined (71% of

Understanding employees’ motivations behind risky actions Read More »

Secure email gateways struggle to keep pace with sophisticated phishing campaigns

BEC scams, Cofense, credentials, cybercrime, Email, News, phishing, QR codes, report / SecurityTicks

Secure email gateways struggle to keep pace with sophisticated phishing campaigns 2024-02-23 at 07:02 By Help Net Security In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100%, according to Cofense. In just two years, Cofense identified over 1.5 million malicious emails bypassing their customers’ SEGs, signaling a 37% increase

Secure email gateways struggle to keep pace with sophisticated phishing campaigns Read More »

Flipping the BEC funnel: Phishing in the age of GenAI

Artificial Intelligence, BEC scams, CISO, cybersecurity, Don't miss, email security, Expert analysis, Expert corner, generative AI, Hot stuff, Ironscales, News, opinion, phishing, SOC / SecurityTicks

Flipping the BEC funnel: Phishing in the age of GenAI 2024-01-15 at 08:02 By Help Net Security For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic (and usually poorly-written) email and fire it out to thousands of recipients in the hope that a few might take the

Flipping the BEC funnel: Phishing in the age of GenAI Read More »

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns

account hijacking, BEC scams, cryptojacking, Don't miss, Hot stuff, Microsoft, Microsoft 365, Microsoft Azure, Microsoft Entra ID, News, OAuth, phishing, spam / SecurityTicks

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns 13/12/2023 at 16:46 By Helga Labus Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications OAuth is an open standard authentication protocol that uses tokens to grant applications access to server resources without

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns Read More »

SMBs face surge in “malware free” attacks

BEC scams, Don't miss, Hot stuff, Huntress, Malware, News, Ransomware, remote management, SMBs, trends / SecurityTicks

SMBs face surge in “malware free” attacks 28/11/2023 at 12:51 By Helga Labus “Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses (SMBs) faced in Q3 2023, says the inaugural SMB Threat Report by Huntress, a company that provides a

SMBs face surge in “malware free” attacks Read More »

Cyber insurance predictions for 2024

BEC scams, cyber insurance, cybersecurity, Don't miss, Hot stuff, Optiv Security, predictions, Ransomware, Video / SecurityTicks

Cyber insurance predictions for 2024 16/11/2023 at 08:01 By Help Net Security In this Help Net Security video, Dara Gibson, Senior Cyber Insurance Manager at Optiv, discusses cyber insurance and what we should expect to see in 2024: Ransomware, BEC, and pixel privacy claims will remain at the forefront of cyber insurance claims Cyber insurance

Cyber insurance predictions for 2024 Read More »