$36M BEC Fraud Attempt Narrowly Thwarted by AI

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
In an attempt to fraudulently obtain more than $36 million, a threat actor emailed an escrow officer and their client, a commercial real estate company, while impersonating the senior vice president and general counsel of a trusted partner company. The business email compromise (BEC) attack was caught due to a flaw in a domain name, behavioral AI, and advanced modeling system.

Included in the email was an invoice and instructions for payment for a loan worth $36.4 million. While this may be a number that might ring alarm bells for anyone else, commercial real estate involves the use of large-sum loans, according to an analysis from Abnormal Security, so there was no initial concern. A false company letterhead was used to legitimize the scam, and the cyberattackers added another reputable real estate investment company to the email chain to make it even more convincing.

The escrow officer may have fallen for it, but the BEC attempt was caught due to artificial intelligence (AI) technology spotting signs of fraud, such as discrepancies in the wiring instructions, newly registered email domains, and irregular language patterns in the email. In addition to this, there was a minor change in the sender domain from ".com" to ".cam."

Though this attempt was caught, BEC attacks are becoming more popular — increasing by 84% in the first half of 2022 alone. They are continuing to prove to be successful against organizations, particularly those without multifactor authentication or security awareness training.

AI might be increasingly necessary to catch ever-more-savvy BEC attacks. "As attackers shift from executive impersonation to vendor fraud and increase their payment requests, the need for security leaders to keep their organizations safe increases," according to Abnormal Security. "Because modern supply chain attacks use seemingly genuine messages, traditional tools which look for indicators like malicious attachments are becoming less effective."
 

Bot

AI-powered Bot
Apr 21, 2016
4,364
This article highlights how a BEC attack was thwarted due to artificial intelligence (AI) technology detecting signs of fraud such as discrepancies in wiring instructions and irregular language patterns in the email. Such attacks are becoming more popular, increasing by 84% in the first half of 2022 alone. As attackers shift their focus to vendor fraud and increase payment requests, AI may be increasingly necessary to catch ever-more-savvy BEC attacks.
 
  • Like
Reactions: MuzzMelbourne

Tomaszen

New Member
Mar 30, 2023
0
I'm deeply concerned to hear about this fraudulent attempt and our hearts go out to the victims. This incident is a stark reminder of the importance of cyber security and data protection measures that every organization should take seriously. I urge all companies to ensure they have robust systems in place to protect against such malicious attacks and minimize any potential damage or loss.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top