His criminals cyberspace, use a new practice, known as BEC (Business Email Compromise), and are now targeting business customers as well. The new method used by attackers is designed to collect information about future goals by asking for timetables for receivable accounts from the company records.
Account billing schedules are sets of outstanding invoices that allow the financial department of a company to monitor customers who have not yet paid for the services or goods they were allowed to buy on credit.
The BEC fraud method (also known as EAC) is used by them Criminals of cyberspace to fool them employees of a company to transfer money to entities they trust, but their bank accounts have changed with others being controlled by fraudsters.
The new BEC fraud system
Criminals have been intercepted by Agari Cyber Intelligence Division (ACID), while presenting as managing directors of targeted companies and requesting information from employees about invoices that have been delayed to be paid in the form of a collection schedule.
Fraudsters use fake names and emailsto fool employees to give them the information they are requesting.
The most unusual in BEC attacks is that attackers are not asking for direct payment, and in most other similar frauds, financial services officers are asked to send payments to bank-controlled bank accounts.
ACID responded to the fraudsters by sending a fake timetable, which forced them to ask for a list of customers along with their debts to the company. To obtain all the information, the scammers also asked for the e-mail addresses of the customers.
To make sure their targets are being tricked, attackers they will probably also make an offer, such as paying less to settle their debts.
The fact that crooks have now changed their target and is now targeted at customers rather than in the business itself, makes their attacks much more dangerous, and even if employees learn to detect BEC attacks, they will no longer be enough to stop the attackers. In addition, this new type of fraud leads to infected payment channels, with employees and customers no longer trusting them.
BEC attacks showed an explosive growth of 476% between the last quarter of 2017 and the last quarter of 2018.