[BreachExchange] This is how hackers stole millions from your company

Audrey McNeil audrey at riskbasedsecurity.com
Tue Jun 14 19:48:39 EDT 2016


http://www.newsweek.com/hackers-crime-computers-steal-billions-business-email-compromise-fbi-470430

Imagine a corporate bookkeeper gets an email from his CEO that says, “Hey,
I need the W-2s for everybody in the company.” The diligent bookkeeper
gathers the requested tax documents and sends them off to the executive.
But the initial email wasn’t really penned by the CEO—it was written by a
crook who broke into the executive’s email account. The goal: to carry out
a new type of cybercrime called “business email compromise” or BEC, which
hackers have used to try to steal billions of dollars in recent years.

“Our adversaries are opportunists,” says FBI agent Mitchell Thompson,
speaking to reporters on Tuesday in New York City in Lower Manhattan at a
roundtable to discuss growing online threats. “They look for
vulnerabilities to exploit.”

There are several different kinds of BEC crimes, including the executive
impersonation described above, which first appeared just before the 2016
tax season. Once hackers steal your information, they can sell it to other
criminals or use it for lucrative credit card and tax refund scams.

Another type of BEC occurs when criminals hack or impersonate an executive
and send an email to the company’s financial department asking for an
immediate wire transfer, usually to banks in China and Hong Kong. “I’ve had
$90 million go out the door in New York,” says Thompson. “Sometimes, it’s
gone, sometimes it comes back,” he adds, depending on how quickly the
victimized company discovers the crime.

Hackers have used BEC methods to steal or try to steal more than $3 billion
worldwide between late 2013 and May 2016, with U.S. and foreign victims
reporting more than 22,000 cases. Criminals have attempted the scam in all
50 states and in 100 countries, and there’s been a 1,300 percent increase
in attempted and successful BEC thefts since January 2015, according to the
bureau.

FBI officials also described other cybercrimes on Tuesday. Among them:
ransomware, a type of malware—short for malicious software—that hackers use
to encrypt the files on a computer, making them inaccessible so they can
charge the computer’s owner a ransom to remove the infected software.
“Criminals will target anyone with ransomware if they think they’ll pay
up,” says FBI agent Richard Jacobs. The victims, he adds, usually pay
anywhere from $200 to $10,000, often in bitcoin.

Because cybercriminals research the companies they target, the FBI advises
companies to keep job descriptions and organizational charts off social
media and company websites. Victims of internet crimes should also report
what happened to the FBI at the bureau’s complaint center. “A lot of it
boils down to good computer hygiene,” says agent Aristedes Mahairas, head
of the FBI’s cyber division in New York. “If you don’t recognize an email,
let’s move that over to the junk folder.”