BTC $63479.2080
ETH $3102.3210
BNB $553.9303
SOL $138.6944
stETH $3095.0573
XRP $0.4977
DOGE $0.1616
TON $6.5573
ADA $0.4609
AVAX $35.1800
wstETH $3604.0886
WBTC $63444.7835
TRX $0.1115
WETH $3097.1785
BCH $508.1534
DOT $6.7139
LINK $13.5848
MATIC $0.7078
UNI $7.2517
LTC $78.0969
ICP $12.3388
DAI $0.9999
CAKE $2.7613
RNDR $8.2936
FDUSD $0.9976
IMX $1.9531
ETC $26.4901
STX $2.5389
MNT $1.1217
TAO $525.3353
OKB $57.6303
FIL $6.0159
NEAR $5.2270
VET $0.0414
MKR $3079.1039
HBAR $0.0795
KAS $0.1206
WIF $2.7619
ATOM $8.1379
GRT $0.2535
CORE $2.6998
USDE $0.9998
XMR $123.1697
FET $2.0557
INJ $24.4523
XLM $0.1076
PEPE $0.0000
BTC $63479.2080
ETH $3102.3210
BNB $553.9303
SOL $138.6944
stETH $3095.0573
XRP $0.4977
DOGE $0.1616
TON $6.5573
ADA $0.4609
AVAX $35.1800
wstETH $3604.0886
WBTC $63444.7835
TRX $0.1115
WETH $3097.1785
BCH $508.1534
DOT $6.7139
LINK $13.5848
MATIC $0.7078
UNI $7.2517
LTC $78.0969
ICP $12.3388
DAI $0.9999
CAKE $2.7613
RNDR $8.2936
FDUSD $0.9976
IMX $1.9531
ETC $26.4901
STX $2.5389
MNT $1.1217
TAO $525.3353
OKB $57.6303
FIL $6.0159
NEAR $5.2270
VET $0.0414
MKR $3079.1039
HBAR $0.0795
KAS $0.1206
WIF $2.7619
ATOM $8.1379
GRT $0.2535
CORE $2.6998
USDE $0.9998
XMR $123.1697
FET $2.0557
INJ $24.4523
XLM $0.1076
PEPE $0.0000
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • New threat to business: FBI warns of increasing VEC attacks

    How do cybercriminals deceive sellers and carry out bulk purchases of goods for free?

    Typical business email compromise (VEC) attacks focus on stealing money by tricking the victim into redirecting the funds to the attacker's account. However, some cybercriminals go further and do not steal funds directly. In their attacks, they focus on the goods that the victim company produces or supplies.

    The US Federal Bureau of Investigation is alerting US companies to an increase in fraud using tactics very similar to VEC attacks, but with several key differences. In the case of a specific fraudulent campaign that the FBI observed, attackers used false buy-sell schemes to obtain various goods from suppliers throughout the country. The criminals sent fake emails from fake domains that looked like the domains of large American companies in order to initiate bulk purchases.

    In their attacks, the attackers took a fairly responsible approach to the choice of the sender's name and other details in e-mails. For example, letters were sent only on behalf of current or former employees of imitated companies, so that the attack looked more believable and did not raise doubts.

    “Affected sellers assume that they are conducting legitimate business transactions, fulfilling ordinary orders for the supply of goods, but in fact they are victims of fraud,” the FBI explains. Employees of the department also noticed that in some cases, the attackers even took out loans issued according to fake information in order to freely receive the goods for one or two months and not think about how to fake the fact of payment.

    According to the agency, this type of fraud is aimed at a number of different products. It includes: building materials, agricultural products, computer equipment, etc. Losses associated with such fraudulent schemes reached almost $2.4 billion in 2021 based on 20,000 recorded complaints. And that's just in the US.

    While the technical skills required to forge an email address are very low, it appears that the actors in these malicious campaigns are highly experienced in this area. They are well versed in business payments and various methods of hiding the fact of fraud.

    The FBI recommends that major suppliers and other sellers of goods always verify the sender of an email before confirming a transaction. Reliable information about the buyer can always be obtained from a reliable source. For example, a company website, social media, or an online database.

    Since attackers most often simply forge letters from large companies, it is easiest for the employee responsible for making a decision on the transaction to call this company directly and clarify all the information of interest. Especially if there are suspicions of fraud by the sender.

    Author DeepWeb
    The most reliable methods to protect your location on the Internet
    Selfless hackers: North Korean APT43 conducts espionage operations at its own expense

    Comments 0

    Add comment