BEC 2.0 Attack Uses Conversation Hijacking in Legit Email Threads of Compromised Accounts

Avanan, a Check Point Software Company, has published a new report tracking the rise and continued evolution of Business Email Compromise (BEC) attacks, as researchers observe different variants.

According to Jeremy Fuchs, Cybersecurity Researcher/Analyst at Avanan, there's BEC 1.0, where hackers pose as your boss and ask you to get a gift card; BEC 2.0, which leverages compromised accounts at the organization to unleash attacks within legit emails; and BEC 3.0, a third tier that researchers are seeing develop.

Conversation Hijacking: In this attack brief, the hacker takes over an account and inserts themselves into a legitimate conversation, posing as the employee whose account has been compromised (i.e., someone took over my account and started replying as me; the end user would have no way of knowing).

The research is live here: https://www.avanan.com/blog/business-email-compromise-scam-tries-to-trick-company-into-payment
