De digitale dreigingen nemen in snelheid en complexiteit toe, en een van de meest zorgwekkende aanvallen is Adversary-in-the-Middle (AitM) phishing.

Artikel Cybercrimeinfo: https://www.ccinfo.nl/menu-onderwijs-ontwikkeling/cybercrime/phishing/2557618_wie-zit-er-tussen-jou-en-je-wachtwoord-de-gevaren-van-aitm-phishing-onthuld

Podcast Spotify: https://open.spotify.com/episode/4wUUyfd3JSFFgYbff3KOny?si=054a2c87cbe54176

Podcast Youtube: https://youtu.be/ngli1dXuicc

#AitMphishing #Phishing #Cybercrime #Cybersecurity #PhishingAsAService #PhaaS #ReverseProxy #MFA #MultiFactorAuthentication #BEC #BusinessEmailCompromise #Ransomware #DataProtection

A Singapore-based commodity firm fell victim to a sophisticated BEC scam, resulting in an unauthorized transfer of $42.3 million to an account in Timor Leste.

Read more 👉 https://lttr.ai/AeG6Y

#Security #Infosec #BusinessEmailCompromise

International Cooperation: The success of this operation highlights the effectiveness of coordinated global efforts in combating cybercrime.

Read more 👉 https://lttr.ai/AbGVA

#Security #Infosec #BusinessEmailCompromise #Fraud #EmergingThreats

📬 Operation Heart Blocker: Marktplätze für Fraud-Tools zerschlagen
#DarkCommerce #Rechtssachen #BusinessEmailCompromise #DigitaleSicherheit #HeartSender #OnlineBetrug #Phishing #SaimRaza https://sc.tarnkappe.info/4abd25

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/

#businessemailcompromise #U.S.DepartmentofJustice #DutchNationalPolice #Ne'er-Do-WellNews #ALittleSunshine #OperationTalent #TheManipulaters #WeCodeSolutions #Breadcrumbs #domaintools #HeartSender #BECfraud #Fudtools #SaimRaza #Cracked #Fudpage #Sellix #FudCo #fbi

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang - The FBI and authorities in The Netherlands this week seized dozens of servers and ... https://krebsonsecurity.com/2025/01/fbi-dutch-police-disrupt-manipulaters-phishing-gang/ #businessemailcompromise #u.s.departmentofjustice #dutchnationalpolice #neer-do-wellnews #alittlesunshine #operationtalent #themanipulaters #wecodesolutions #breadcrumbs #domaintools #heartsender #becfraud #fudtools #saimraza #cracked #fudpage #sellix #fudco

AI is fueling the next wave of #cybercrime! #Phishing attacks, fake invoices, and #BusinessEmailCompromise are now harder to spot. Watch our 8-minute video to learn about new attack tactics and defense tips. https://youtu.be/1ewEnPVzg2M

#AIThreats #IT #GenerativeAI #AI #cyberaware

In Part 2 of our BEC-ware the Phish blog series, Rachel Rabin dives into the crucial steps for responding to and remediating Business Email Compromise (BEC) incidents in M365. 💻

We'll delve into the key response actions to contain a live attacker, looking at the complexities of token revocation and password resets in hybrid environments.

An effective response requires a proactive setup. Implement pre-configured response accounts and automation to take actions consistently and without delay.

Short-term remediations help get back to business as usual, and our long-term suggestions will protect against future phishing attacks.

We'll explore hardening measures such as Conditional Access policies, phishing-resistant authentication, token protections, and app consent policies to protect against AiTM and OAuth phishing frameworks.

Lastly, we'll look at dedicated controls to protect privileged accounts from phishing, such as cloud-only identity for cloud administrative activities.

Get the full technical breakdown in the latest blog: https://www.pentestpartners.com/security-blog/bec-ware-the-phish-part-2-respond-and-remediate-incidents-in-m365/

#CyberSecurity #BusinessEmailCompromise #M365Security #PhishingProtection #InfoSec #CloudSecurity #ZeroTrust #TechCommunity

Increased integration of cybersecurity measures within standard business processes.

Read more 👉 https://lttr.ai/AYgSs

#Security #Infosec #BusinessEmailCompromise #Fraud #EmergingThreats

Defending Against Business Email Compromise (BEC) 📧🔒

BEC is one of today’s most dangerous threats, bypassing traditional defenses with targeted attacks. Crowdalert combines automation with human insight, engaging your team to verify unusual behavior and escalating real threats fast.

Ready for the next BEC attempt? Discover how Crowdalert can help. https://crowdalert.com

#BEC #BusinessEmailCompromise #Cybersecurity #Crowdalert #EmailSecurity

With a rise in Adversary in the Middle (AiTM) phishing, we've seen attackers leverage trusted compromised accounts to launch multi-stage attacks and follow-on BEC activity. Too often, investigations end with "If only this data had been available!"

We are kicking off our 3-part series on handling Business Email Compromise (BEC) incidents in Microsoft 365! 📧 In Part 1, Rachel dives into the key artefacts for investigating a BEC in M365 and where to find them.

👉 https://www.pentestpartners.com/security-blog/bec-ware-the-phish-part-1-investigating-incidents-in-m365/

This includes:

Why enabling Unified Audit Logging is essential for tracking attackers.

How to use Purview Content Search to analyse compromised mailboxes.

Pro tips for using Defender's Advanced Hunting to quickly scope the scale of an attack.

Stay tuned for more actionable insights in Parts 2 & 3!

#CyberSecurity #BusinessEmailCompromise #M365 #IncidentResponse
#MicrosoftDefender #EmailSecurity #DigitalForensics #DataRetention #ThreatHunting #CloudForensics

I spent most of a day on a case of #businessemailcompromise that was just so obviously a case of business email compromise until it wasn't. What it was: stratospheric-level incompetence, communication breakdown, fractured business processes and highly dubious accounting practices on the part of a supplier. I think that might actually be worse.

This case study examines the incident, its resolution, and the broader implications for business cybersecurity.

Read more 👉 https://lttr.ai/AWvLJ

#Security #Infosec #BusinessEmailCompromise #Fraud #EmergingThreats

The scam exploited a common vulnerability in business processes: the manipulation of vendor email communications to redirect legitimate payments.

Read more 👉 https://lttr.ai/AWK0A

#Security #Infosec #BusinessEmailCompromise #Fraud #EmergingThreats

Evolving Threat Landscape: BEC scams continue to pose a significant and growing threat to businesses globally.

Read more 👉 https://lttr.ai/AV8UM

#Security #Infosec #BusinessEmailCompromise #Fraud #EmergingThreats

By staying informed and proactive, businesses can significantly mitigate the risks associated with BEC scams and contribute to a secure global business environment.

Read more 👉 https://lttr.ai/AV8Oa

#Security #Infosec #BusinessEmailCompromise #Fraud #EmergingThreats

Over $40 million recovered and arrests made within days of firm realising it had fallen for Business Email Compromise scam - According to the FBI, billions of dollars have been lost through Business Email Compromis... https://www.tripwire.com/state-of-security/over-40-million-recovered-and-arrests-made-within-days-after-firm-discovers #businessemailcompromise #guestblog #law&order

📬 BEC-Scam: Polizei warnt vor grassierender Betrugsmasche
#OnlineBetrug #Szene #BECBetrug #BECScam #BezirkskriminalinspektionKiel #BusinessEMailCompromise #Mailserver https://sc.tarnkappe.info/aec405

Convicted BEC scammer could face over 100 years in prison - A US court has found a Nigerian national guilty of charges related to a US $1.5 million b... https://www.bitdefender.com/blog/hotforsecurity/bec-scammer-100-years-prison/ #businessemailcompromise #guestblog #lawℴ #phishing #malware

Convicted BEC scammer could face over 100 years in prison.

Read more in my article on the Bitdefender blog: https://www.bitdefender.com/blog/hotforsecurity/bec-scammer-100-years-prison/

#cybersecurity #businessemailcompromise #scam