Researchers have tracked a phishing campaign that is falsely promising to loan $36M to businesses.
The target was able to thwart the threat using AI software.
The threat actor is using Business Email Compromise as a vector.
- This campaign targeted an escrow officer at an insurance company by cc'ing the presumed client and sending seemingly legitimate invoices.
- It is likely that hackers specifically targeted this client because of their activity in commercial real estate, an industry where clients often send large sums through different channels.
- The targeted organization was able to detect the threat by using software to spot the following tells:
- Hackers had written "Reference: Name" instead of "Reference Name,"
- The sender's email and the cc'd domains were registered less than a week before the email was sent,
- Irregular language patterns, etc.
Business email compromise has consistently ranked as one of the most used threat vectors by hackers due to the large sums of money involved in these hacking campaigns.
- Hackers earned at least $2.7B from BEC attacks in 2022. This figure may be significantly larger because many cyberattacks are not reported to law authorities.
