•   
  •   
  •   

Technology FBI: BEC scams accounted for half of the cyber-crime losses in 2019

01:31  12 february  2020
01:31  12 february  2020 Source:   zdnet.com

Scottish Police bought a fleet of devices for smartphone data-mining

  Scottish Police bought a fleet of devices for smartphone data-mining Police in Scotland are getting ready to roll out a fleet of 'cyber kiosks' that will allow them to mine device data for evidence. The kiosks -- PC-sized machines -- have been designed to help investigations progress faster. At the moment, devices can be taken from witnesses, victims and suspects for months at a time, even if they contain no worthwhile evidence. According to Police Scotland, the kiosks will enable officers to quickly scan a device for evidence, and if relevant information is found, the device will be sent on for further investigation. If not, it can be returned to its owner straight away.

The FBI received 467,361 internet and cyber - crime complaints in 2019 , which the agency estimates have caused losses of more than .5 billion, the The FBI said that almost half of the reported losses -- an estimated .77 billion -- came from reports of BEC (Business Email Compromise), also

The FBI is the lead federal agency for investigating cyber attacks by criminals , overseas adversaries, and terrorists. The inability to access the important data can be catastrophic in terms of the loss of sensitive or proprietary information, the disruption to regular operations, financial losses incurred to

The FBI received 467,361 internet and cyber-crime complaints in 2019, which the agency estimates have caused losses of more than $3.5 billion, the bureau wrote in its yearly internet crime report released today.

a close up of a map © ZDNet

The FBI said that almost half of the reported losses -- an estimated $1.77 billion -- came from reports of BEC (Business Email Compromise), also known as EAC (Email Account Compromise) crimes.

BEC/EAC is a sophisticated scam targeting businesses and individuals performing wire transfer payments.

"At its heart, BEC relies on the oldest trick in the con artist's handbook: deception," the FBI said back in 2017, when it started receiving an increased number of BEC scams reports.

At a secret lab in Manhattan, technicians spend all day trying to break into iPhones

  At a secret lab in Manhattan, technicians spend all day trying to break into iPhones About a mile away from the Apple Store in Manhattan’s SoHo neighborhood, technicians under the auspices of Manhattan DA Cyrus Vance Jr. spend all day inside a $10 million lab focused on one task: Trying to break into iPhones. Phones like the one that belonged to E’Dena Hines, Morgan Freeman’s 33-year-old granddaughter who was stabbed to death in 2015 and whose boyfriend was convicted of her murder thanks to a video found on E'Dena's phone. ItPhones like the one that belonged to E’Dena Hines, Morgan Freeman’s 33-year-old granddaughter who was stabbed to death in 2015 and whose boyfriend was convicted of her murder thanks to a video found on E’Dena’s phone.

FBI 's Internet Crime Complaint Center (IC3) published the 2019 Internet Crime Report which "In the same way your bank and online accounts have started to require two-factor authentication — apply BEC scams still behind most victim losses . The 2019 cybercrime type with the highest reported total

BEC scams —also known as email account compromise (EAC), CEO fraud, or whaling—have been around since at least 2013. Aggregate losses from internet-enabled theft, fraud, and exploitation reached .7 billion in 2018, and losses from BEC scams accounted for almost one- half of this

A typical BEC scam happens after hackers either compromise or spoof an email account for a legitimate person/company. They use this email account to send fake invoices or business contractors. These are sent to employees in the same company, or upstream/downstream business partners.

The idea is to trick counterparts into wiring money into the wrong bank accounts.

BEC scams are popular because they're (1) dead simple to execute, and (2) don't require advanced coding skills or complex malware.

According to the FBI's 2019 Internet Crime Report, BEC scams were, by a considerable margin, the most damaging and effective type of cyber-crime last year in 2019.

Only 23,775 BEC victim accounted for $1.77 billion in losses for victims, which is on average $75,000/complaint.

Canadian teen calls cops after fake ID doesn’t arrive, prompts police warning on identity theft scams

  Canadian teen calls cops after fake ID doesn’t arrive, prompts police warning on identity theft scams A Canadian teen’s bizarre call to police on Tuesday to report that the fake ID they ordered online never arrived has authorities stepping up efforts to warn of potential identity theft scams. Const. Ed Sanchuk, of the Ontario Provincial Police, West Region, shared in a video message Wednesday that an unnamed Norfolk County teenager reported the fraud.HOW TO PROTECT YOUR CHILD FROM IDENTITY THEFT require(["medianetNativeAdOnArticle"], function (medianetNativeAdOnArticle) { medianetNativeAdOnArticle.

Report Shows Cyber -Enabled Crimes and Costs Rose in 2018. The statistics gathered by the FBI ’s Internet “The 2018 report shows how prevalent these crimes are,” said Donna Gregory, chief of the IC3. These sophisticated scams involve perpetrators infiltrating businesses’ email accounts and

Business Email Compromise/Email Account Compromise ( BEC /EAC) is a sophisticated scam that targets both businesses and individuals who perform The increase is also due in part to greater awareness of the scam , which encourages reporting to the IC3 and international and financial partners.

In comparison, phishing/smishing/vishing accounted for $500 in losses per complaint, while ransomware averaged $4,400.

The latest numbers are out from IC3, and it's a doozy. Not only did

#BEC<\/a> cause over 33x the damages of reported corporate data breaches, the top 6 crimes by losses mostly tie back to Nigerian fraud.

FFS, now can we start to care about

#BEC<\/a>? Please? https:\/\/t.co\/lp21FaBOix<\/a> pic.twitter.com\/WGPIYUCMvZ<\/a><\/p>— Ronnie 'BEC' Tokazowski (@iHeartMalware) February 11, 2020<\/a><\/blockquote>\n","provider_name":"Twitter","provider_url":"https:\/\/twitter.com","type":"rich","url":"https:\/\/twitter.com\/iHeartMalware\/status\/1227314522530230272","version":"1.0","width":550}">

"In 2019, the IC3 observed an increase in the number of BEC/EAC complaints related to the diversion of payroll funds," the FBI said.

"In this type of scheme, a company's human resources or payroll department receives an email appearing to be from an employee requesting to update their direct deposit information for the current pay period. The new direct deposit information generally routes to a pre-paid card account."

1 dead in Grand Prairie's first traffic fatality of 2020

  1 dead in Grand Prairie's first traffic fatality of 2020 A man was hit and killed by a car Saturday afternoon, marking the first traffic fatality in Grand Prairie, police said Sunday. The man, who has not been publicly identified, is suspected to have been drunk when he tried to cross the road around 6:45 p.m. Saturday in the 2500 block of West Main Street and Texas Highway 180, police said. He was crossing the road going north when a woman driving west in a 2019 Acura SUV hit him, police said. TheThe man, who has not been publicly identified, is suspected to have been drunk when he tried to cross the road around 6:45 p.m. Saturday in the 2500 block of West Main Street and Texas Highway 180, police said.

The FBI reported that the Business Email Compromise ( BEC ), aka Email Account Compromise (EAC) — a Much of this training is centered on combating phishing scams and ransomware attacks. There were nearly 4 billion Internet users in 2018 (nearly half of the world’s population of 7.7 billion) Singapore announced the launch of the world’s first commercial cyber risk pool, a facility for providing

Cybercrime , or computer-oriented crime , is a crime that involves a computer and a network. The computer may have been used in the commission of a crime , or it may be the target.

Ransomware situation

Another point of interest in the FBI's internet crime report for 2019 was ransomware. Last year, we saw a decrease in the number of complaints and a rise in the amount of losses caused by ransomware incidents.

This year, losses continued to increase, but the number of ransomware incidents spiked right back up. All in all, the report's findings are surprising.

2019 has been a year flooded with news about ransomware infections hitting left and right. Companies in the private sector, managed service providers, schools, and municipalities have been hit the most.

According to reports from Armor and Emsisoft, ransomware crew took US entities in their sights last year. Emsisoft reported that ransomware hit in 2019:

  • 113 state and municipal governments and agencies.
  • 764 healthcare providers.
  • 89 universities, colleges and school districts, with operations at up to 1,233 individual schools potentially affected.
Year 2013 2014 2015 2016 2017 2018 2019
Complaints 991 1,402 2,453 2,673 1,783 1,493 2,047
Losses $539,562 $490,577 $1,620,814 $2,431,261 $2,344,365 $3,621,857 $8,965,847

While not all entities might have filed reports with the FBI's IC3, the FBI's report reflects what we've seen from independent third-party reporting.

2018 was a down year for ransomware gangs as there was a general shift in tactics from mass-email distribution to individual attacks targeted at a very few, but very high-profile targets.

As ransomware these new mode of operation became more popular in 2019, new ransomware gangs joined the fold, increasing the number of attacks we saw in 2018.

According to multiple experts, both BEC and ransomware attacks are expected to continue to rise in 2020, as there's little to deter cyber-crime groups from launching new operations.

Additional details and statistics are available in the FBI's 2019 Internet Crime Report, here [PDF].

Russia Blamed for Georgia Cyber Attack That Risks Sanctions .
Georgia accused Russian military intelligence of organizing a “paralyzing” cyber attack last year and called for a reaction by the international community. © Photographer: Andrey Rudakov/Bloomberg St Basil's Cathedral near Red Square in Moscow, Russia. Russia’s GRU was behind the “large-scale” October 2019 attack that targeted the presidential administration, various government bodies and media outlets in an attempt undermine its European integration, according to a Foreign Ministry statement Thursday. EU member-state Estonia, the U.S. and the U.K joined Georgia in attributing the attack to the GRU.

—   Share news in the SOC. Networks

Topical videos:

usr: 2
This is interesting!