BEC Scams Increase Year over Year; Reach Monthly Average of More Than $300 Million



Business email compromise (BEC) scams have been on a steady rise year over year and as per the suspicious activity reports (SARs) received month since 2016, the count has now reached at a monthly average of more than $300 million.

The  Financial Crimes Enforcement Network  (FinCEN) in the wake of assembling the statistics about BEC episodes happening in the course of recent years recognized the most common types of targets alongside the destination planned for the stolen assets and the procedures utilized by the scammers.

Companies have said to have lost around $1.2 billion to this kind of cybercriminal movement, who's aim is to acquire assets by acting like a customer or upper management personnel in a company so as to fool the key individuals within the organization into wiring funds to an 'attacker-control bank account'.

Commercial entities offering proficient services  like landscaping, retail, restaurants, and lodging turned out to be increasingly alluring targets, with 18% of the attacks being aimed at them.

FinCEN's analysis describes the broader picture of BEC scams

In contrast to financial organizations, which fell in the rankings from 16% to 9%, real estate firms ended up being all the more enticing, representing 16% of the BEC scam victim pie.

The attackers however don't stay adhered to only one way; they have various strategies to accomplish their goal. From impersonating company CEOs to impersonating customers and vendors all the while using fake invoices they have done it all.

Therefore users are recommended to pay special mind to any Malwares or Spywares as the attackers rely heavily on malware intended to steal the necessary information for executing the attack just as Spyware for stealing the information important to break into email accounts.


Bulgaria’s tax agency hacker released

A cybersecurity expert accused of hacking the data of more than 5 million Bulgarian taxpayers was released by police Wednesday after his charges were downgraded.

Kristian Boykov, a 20-year-old Bulgarian cybersecurity worker, was arrested in Bulgaria's capital Sofia last week in connection to the breach. Police raided his home and seized computers and mobile devices with encrypted information. The hacker was found by police through the computer and software used in the attack, according to the Sofia prosecutor's office.

Due to his work, which involves testing computer networks for potential vulnerabilities, some believe Boykov is a "white hat hacker" — a hacker that breaks into computer networks to expose vulnerabilities and push for the weaknesses to be fixed.

He has made news in Bulgaria before. In 2017, he hacked the Bulgarian education ministry's website to expose its vulnerabilities. In a television interview, he described the work as "fulfilling my civic duty."

Sofia prosecutors claim they tracked one of the stolen files from the latest data breach to a username used by Boykov. Boykov and his lawyer reject the allegations against him and say he was not involved in the incident.

The hack of the nation's tax agency database is believed to be the largest data breach in Bulgaria's history. Nearly every working adult in Bulgaria was impacted. In a country of 7 million, more than 5 million people had personal data such as social security information, addresses, incomes and names leaked and made easily accessible on the Internet.

Boykov was initially charged with a computer crime against critical infrastructure, with a maximum sentence of eight years in jail. Those charges were dropped and he was given a lesser charge of crime against information systems, which has a maximum jail sentence of three years.

The initial hack is believed to have happened in June. The breach remained undetected until an email from a Russian email address was sent to Bulgarian news outlets last week claiming responsibility for the attack. In the email, the sender claimed to be a Russian hacker, gave downloadable links to the stolen information and mocked Bulgaria's cybersecurity efforts.

In Kazakhstan, everyone who wants to use Internet must allow government to read their Secure Traffic (HTTPS)



Providers of Kazakhstan persuade customers to install a "state trusted certificate" on all devices, which will allow intercepting all encrypted traffic of the country in order to protect citizens from cyber threats and illegal content.

Kazakhstan Telecom operators have begun to notify customers about the need to install a special security certificate Qaznet on all subscriber devices with Internet access - mobile phones and tablets based on iOS/Android, personal computers and laptops based on Windows/MacOS.

The message on the website of the Kcell provider states that the certificate recommended for installation "was developed in Kazakhstan and provided by the authorized state body" and "will allow protecting Kazakhstani Internet users from hacker attacks and viewing illegal content". However, it can be assumed that such opportunities can be used by the authorities of Kazakhstan to gain access to information that citizens exchange via the Internet.

Users are invited to download the certificate from the website qca.kz. This domain name is registered to an individual Askar Dyussekeyev. The address of the owner is the same as the address of the Ministry of Digital Development, Innovation and Aerospace Industry of Kazakhstan.

Telecom operators warn that if the certificate is absent, then customers may encounter problems accessing certain Internet resources.

Indeed, according to some users from the capital of Kazakhstan, it is impossible to access sites that force the use of the secure HTTPS protocol using the HSTS mechanism without installing a certificate. Such sites are now the majority.

According to Shavkat Sabirov, the President of the Internet Association of Kazakhstan, there is a global problem in the world related to the safe use of the Internet.

"All the experiments that were associated with the installation of root certificates failed. All over the world, it is already recognized that this is an unsuccessful and even a terrible attempt to work in a safe mode. If this certificate is stolen or hacked, the attackers will get absolutely all the information about users data that use this certificate," said the president of the Internet Association of Kazakhstan.

The President of the Internet Association of Kazakhstan noted that companies that provide services on the Internet with the security certificate should take responsibility for its use.

Israeli spyware firm NSO can mine data from social media accounts









An Israeli spyware firm has claimed that they can scoop  user data from the world’s top social media, the Financial Times report. 

The powerful malware Pegasus from NSO Group is the same spyware that breached WhatsApp data earlier this year. 

The firm said that this time their malware can scrap data from the servers of Apple, Google, Amazon, Facebook, and Microsoft. 

According to the reports of the Times, the NSO group had “told buyers its technology can surreptitiously scrape all of an individual’s data from the servers of Apple, Google, Facebook, Amazon and Microsoft, according to people familiar with its sales pitch”.

However, the companies spokesperson denied the allegation in a in written statement to AFP’s request for comment. 
“There is a fundamental misunderstanding of NSO, its services and technology,” it said.

“NSO’s products do not provide the type of collection capabilities and access to cloud applications, services, or infrastructure as listed and suggested in today’s FT article.”

In the mean time, Amazon and Google told AFP that they have started an investigation on the basis of report, but so far found no evidence that the software had breached their systems or customer accounts.





Equifax Paying Settlement around $700 Million after Massive Data Breach


Almost two years ago, Equifax suffered a massive data breach which exposed a significant amount of sensitive data of over 143 million Americans, the compromised information included that of driving licenses, social security numbers, and addresses of the victims. 

It has been uncovered by The Wall Street Journal and The New York Times that the consumer credit reporting agency is closing in on a settlement with FTC, state attorneys general, Consumer Financial Protection Bureau along with state and federal agencies. Equifax could settle up with $650 to $700 million, out of which it has put aside $690 million for the purpose of penalty. 

As per the media findings, the amount is expected to differ on the basis of the number of people filing claims and the details of the same will be released on Monday.

Notably, the settlement entails terms to devise a separate fund for the purpose of settlement, however, the amount victim's could expect in compensation is still a matter of question.

Commenting on the matter, Equifax CEO, Richard Smith, said, “At this critical juncture, I believe it is in the best interests of the company to have new leadership to move the company forward,” as he decided to retire in the wake of the cyberattack.