Wednesday, October 21, 13:51
Home inet BEC scams: From which countries are they carried out and for what purpose?

BEC scams: From which countries are they carried out and for what purpose?

BEC fraud is one of the most common forms of cybercrime - and new BEC fraud gangs are emerging around the world to defraud companies into giving money, according to a new study.

Some of these scams have been carried out in the past by Nigeria, which accounts for about half of all BEC scams, according to analysis by security researchers Agari. However, a quarter of BEC e-fishing scams come from USA.


Overall, Agari identified BEC attacks from 50 countries around the world and identified South Africa and the United Kingdom as high-level areas of BEC activity.

The survey also identifies Eastern Europe and Russia as a region with a growing number of BEC fraudsters. While traditionally, they host trojan groups malware and ransomware, the emergence of BEC teams in these areas suggests that the threat landscape in cyberspace could change as corporate phishing scams become more profitable.

Nearly half of all BEC fraudsters in the United States are based in five states: California, Georgia, Florida, Texas and New York, although they have been identified. data for people who carry out BEC attacks in 45 states in total.

The goal of a BEC attack is to trick an employee of an organization into transferring a large amount of corporate capital - the average loss is $ 80.000, but some attacks can cost millions - to a fraudulent bank account.

Often, these phishing attacks will take the form of a "phoney email" sent in the name of a real executor, asking the victim to transfer money urgently to secure a business agreement or contract. In some cases, BEC scammers are known to violate legitimate real email accounts employees whom they know and use an established level of trust to help promote the transfer.

When one realizes that the transfer was fraudulent, it is already too late as the money is already in the hands of the attackers. The FBI reports that almost half of the reported financial losses from cybercrime in 2019 were lost to BEC scams.

Another element of these campaigns also has a significant footprint in the US. Researchers have collected information on 2.900 mule accounts of money run by people whose job it is to carry stolen money and found that 80% of them also relied on the US. This is mainly because US operations have historically been the primary target of BEC attacks and most of these attacks require victims to send money to accounts in the same country, Hassold said.

However, while "money mules" help the criminal activity, in many cases those involved do not know they are doing it, having been tricked into providing it aid through him social engineering or through "romantic scams".


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehc
Be the limited edition.


PCI Pal: 7 out of 10 will not shop from infringing companies

As a new research by PCI Pal showed, consumers seem to be more worried about the shopping they will do in ...

The new Microsoft Edge is now mandatory on Windows 10 20H2

Today's version of Windows 10 20H2 is the first version that automatically replaces Microsoft Edge Legacy with the new Microsoft ...

Windows 10 1909 KB4580386 fixes various issues

Microsoft has released the monthly cumulative update KB4580386 of Windows 10 1909 with quality improvements and corrections to the Microsoft Xbox Game Pass, ...

The Nefilim ransomware gang leaked Luxottica files

The hackers behind Nefilim ransomware have published files on the internet, which seem to belong to the well-known company that manufactures and sells ...

Cisco: Vulnerability CVE-2020-3118 is used in some attacks

Cisco today warned of some attacks that actively target the high-severity vulnerability CVE-2020-3118, which has been found to affect many routers ...

Google: Chrome patch released for zero-day vulnerability fix

Google yesterday released the new version of Chrome 86.0.4240.111, with security updates, to fix a zero-day vulnerability that, according to ...

Microsoft: Said to Shut Down 94% of TrickBot C&C Servers!

Last week, Microsoft-led cybersecurity companies joined forces to crack down on TrickBot, one of ...

Vulnerabilities in MobileIron MDM servers used by hackers

Government hacking teams and other criminals exploit vulnerabilities in MobileIron MDM servers and gain access to corporate networks.

Albion Online: The forum of the popular online game has been violated!

A popular online role-playing game has revealed that its user forum has been breached, exposing email addresses and encrypted passwords ...

Iranian CEO guilty of conspiracy and breach of US sanctions!

The United States has sentenced the CEO of a financial services company to 23 months in prison for allegedly helping Iranian nationals carry out financial ...