After barely registering a pulse last year, W2-based business email compromise (BEC) scams are back with a vengeance thanks to coronavirus-related business upheaval. With the 2019 tax filing deadline pushed back to July 15, 2020, and as much as 66% of all corporate employees working from home, operations for many companies have been anything but business as usual. Still we are surprised to see a...

Recently, news broke about how a sophisticated Nigerian cybercriminal organization has been committing mass unemployment fraud against a number of states, including Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, Washington, and Wyoming. Based on information uncovered by the Agari Cyber Intelligence Division, some, if not all, the actors behind these fraudulent schemes are likely...

The coronavirus pandemic is shining a spotlight on the importance of hosted Domain-based Message Authentication, Reporting, and Conformance ( DMARC ) to prevent cybercriminals from hijacking an organization's domains to launch phishing attacks that put the public at risk. A case in point - the World Health Organization (WHO). The UN's international public health agency has been issuing warnings...

With billions of dollars in stimulus being earmarked for US companies and individuals reeling from the economic fallout of the coronavirus pandemic, business email compromise (BEC) rings are angling for a piece of the pie. At the top of the menu: banks, lenders, and other financial services organizations chartered with managing key facets of this unprecedented distribution effort. But for an...

Since the beginning of February, we have seen more than a 3,000% increase in Coronavirus-themed phishing attacks targeting our customers. The spike in attacks is as logical as it is repugnant. With an estimated 75 million employees more reliant than ever on email during the largest "work-from-home experiment" in history, phishing scammers and other threat actors seem hellbent on exploiting...

Government officials are issuing fresh warnings about COVID-19 related business email compromise (BEC) scams targeting legions of remote workers participating in what has become "the world's largest work-from-home experiment." The troubling rise in success rates for these attacks could have serious implications for the future of email security. In just the last few weeks, cybercriminals...

As cybercrime gangs exploit COVID-19 to target the lonely, victims (and their banks) could get jilted out of millions. Law enforcement agencies around the world are reporting a surge in romance scams as fraudsters seek to cash in on the profound loneliness many people are feeling due to social distancing amid the coronavirus pandemic. Those who fall prey could face financial ruin or get conned...

With a growing number of phishing attacks successfully eluding email security controls, losses for businesses and their customers have been mounting fast—and that's before the current tsunami of email scams seeking to exploit the coronavirus pandemic. The good news: Our Spring '20 Release is here to help change that. Since the beginning of March, Agari scored more than 73 million inbound messages...

With 60 million corporate employees working remotely due to the Coronavirus outbreak, cybercriminals are switching up their tactics in business email compromise (BEC) scams. In what has been called the " world's largest work-from-home experiment ," organizations around the globe are being forced to quickly transition to a remote workforce, ready or not. Cybercriminals have opportunistically...

As if coronavirus hasn't put enough of a damper on vacation schedules this spring, corporate employees taking time off might want to rethink their "out of office" email settings for fear a different threat: Business Email Compromise ( BEC ) scams. Sure, the temptation to share humorous details about your big spring adventure can be irresistible for a certain species of corporate denizen...

Even as a handful of leading cybercriminal organizations declare a moratorium on targeting the healthcare sector in the face of the coronavirus pandemic, countless other crime rings appear to be ramping up—including business email compromise (BEC) scammers. Forget honor among thieves, or even basic self-preservation. Email threat actors the world over are launching an unprecedented number of...

Unique BEC Approach May Be a Sign of Things to Come in the Age of COVID-19 Amid a sharp rise in coronavirus-related phishing attacks worldwide, the Agari Cyber Intelligence Division (ACID) has identified what may be the first documented use of the pandemic as a lure in an emerging breed of business email compromise (BEC) scams that can fleece businesses out of millions. In January, we published a...

The legal sector is learning some painful lessons about the growing threat phishing and business email compromise (BEC) scams pose to legal firms' brand reputations—and to their bottom lines. Just ask the five US law offices believed to be hit in recent weeks by email attacks that led to sensitive client information getting posted online in million-dollar extortion schemes fueled by Maze...

Despite increased adoption of Domain-based Message Authentication, Reporting, and Conformance (DMARC), the vast majority of Fortune 500 companies remain at risk of email-based brand impersonation, according to our new Q1 2020 Email Fraud & Identity Deception Trends report. According or the report, global DMARC adoption rates surged 83% in 2019, to more than 11.6 million email domains with...

Cybercriminal organizations keep raking in big profits from BEC scams, phishing attacks, and other advanced email threats that continue to prove successful, according to the FBI's new 2019 Internet Crimes Report . Issued this past week, the annual report from the bureau's Crime Complaint Center (IC3) finds US businesses and individuals lost $3.5 billion to cybercriminals in a record 467,361 scams...

Business email compromise (BEC) has become the predominant cyber threat businesses face today. These basic social engineering scams are having a huge impact, to the tune of more than $700 million every month. To make matters worse, the recently-released Internet Crime Report from the FBI’s Internet Crime Complaint Center shows that BEC isn’t going away any time soon, as losses from BEC attacks...

Business Email Compromise (BEC) was solely responsible for over 40% of the total cybercrime losses in 2019, at least according to the latest FBI IC3 report . The FBI’s Internet Crime Complaint Center (IC3) has released its latest Internet Crime Report with data on cybercrime impact in 2019. Corporate data breaches, which lead to leaked databases, documents, and bad press coverage for the company...

Gift cards topped cybercriminal wish lists in 62% of all business email compromise (BEC) scams last quarter, according to our Email Fraud & Identity Deception Trends report . Hardly a shock, given the holiday season. But that doesn't mean there aren't any surprises in the research. The report, published by the Agari Cyber Intelligence Division (ACID), examines the current threat landscape for BEC...

Hint: DMARC Alone Won't Cut It Think the prospect of cybercriminals using your domains to launch phishing attacks sounds bad for your brand? Just wait until you hear the latest on lookalike domains. Over the last few months, researchers have been discovering a troubling number of phishing sites that feature domains meant to impersonate leading brands in a variety of industries. Sometimes referred...

Thanks to the rapid rise of email account takeovers, organizations worldwide are being forced to accept a painful new reality in the battle against phishing and business email compromise (BEC) scams. It's no longer enough to focus on your own attack surface. You need to protect against compromised accounts throughout the supply chain. Commonly referred to as vendor email compromise (VEC), this...