The FBI has recently issued a renewed warning about what it calls the Business Email Compromise, a scam being used against companies that use wire transfers for payments of bills of foreign suppliers.
Like so many scams and security breaches, from that of Target to the recently discovered data breach at the Office of Personnel Management (OPM), this scam generally starts with socially engineered phishing. Phishing occurs when someone receives an email that lures the person receiving the email into downloading an attachment with malware or clicking on a link within the email that automatically downloads malware that enables the hacker to steal all of the information from the computer of the unwitting receiver of the email.
Phishing emails can easily be made to appear as if they are coming from legitimate sources, such as banks, government agencies, insurance companies or others with which the targeted companies do business. It takes little talent to create a counterfeit logo on an email to make the email look official.
View full story