Active Alerts

Email Account Compromise (EAC) Scam
Source: FBI
Date of Alert: 8/27/2015 12:00:00 AM

E-mail Account Compromise (EAC) is a sophisticated scam that targets the general public and professionals associated with, but not limited to, financial and lending institutions, real estate companies, and law firms. The EAC scam is very similar to the Business E-mail Compromise (BEC) scam, except that it targets individuals rather than businesses.

Read more about the EAC scam.


ACH Fraud Alert
Source: Bartalex
Date of Alert: 5/1/2015 12:00:00 AM

Macro-wielding attackers are increasingly using cloud services to evade existing defenses. Trend Micro, for example, reports this week that it's seen a recent flurry of spam emails that have Bartalex macro malware attached. The social-engineering attack tells recipients that their Automated Clearing House electronic-funds transfer was declined, and invites the recipient to click a link to "view the full details," which leads to a Dropbox page that lists specific instructions, including the need to enable Microsoft Office macros, says Trend Micro fraud analyst Christopher Talampas in a blog post. If users fall for the ruse, the macro runs and attempts to load the Dyre banking malware. Talampas says this particular Dyre variant "targets banks and financial institutions in the United States."


FBI Public Service Announcements
Source: FBI InfraGard
Date of Alert: 4/8/2015 12:00:00 AM

A public service announcement from the FBI's Internet Crime Complaint Center (IC3) can be accessed by clicking these links:

CRIMINALS HOST FAKE GOVERNMENT SERVICES WEB SITES TO ACQUIRE PERSONALLY IDENTIFIABLE INFORMATION AND TO COLLECT FRAUDULENT FEES

ISIL DEFACEMENTS EXPLOITING WORDPRESS VULNERABILITIES


FBI Public Service Annoucement Business E-Mail Compromise: The 3.1 Billion Dollar Scam
Source: FBI Public Service Annoucement Business E-Mail Compromise: The 3.1 Billion Dollar Scam
Date of Alert: 6/14/2016 12:00:00 AM

BEC is defined as a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.

Most victims report using wire transfers as a common method of transferring funds for business purposes; however, some victims report using checks as a common method of payment. The fraudsters will use the method most commonly associated with their victim’s normal business practices.

The BEC scam continues to grow, evolve, and target businesses of all sizes. Since January 2015, there has been a 1,300% increase in identified exposed losses1. The scam has been reported by victims in all 50 states and in 100 countries. Reports indicate that fraudulent transfers have been sent to 79 countries with the majority going to Asian banks located within China and Hong Kong.

Read more about the Business E-Mail Compromise