SECURITY How Did It End Up Like This?
Small in volume, but big on financial impact. Business Email Compromises (BEC) make up only ~1% but result in over $350 million in direct losses.
Attackers draw from current events to make emails more convincing, like the COVID lure example used below.
BUSINESS EMAIL COMPROMISE (BEC)
IMPERSONATION
Backdoors aren’t necessary when users provide the key to the front door. The objective for many phishing attacks is stealing account credentials.
It Started Out With a Phish
How Did It End Up Like This?
2021 SECURITY REPORT
STOLEN CREDENTIALS
URL REDIRECTS TO CREDENTIAL HARVESTER IMPERSONATING MICROSOFT ONEDRIVE:
https://f000.backblazeb2[.]com/file/analog-bitness-59f08259/index.html
9.3% of all malicious attacks involve credential harvesters
ATTACKER HIJACKS THREAD AND PIVOTS TO ATTACKER ACCOUNT
The average BEC request is nearly $1.5M
IDENTITY DECEPTION LIKE DISPLAY AND DOMAIN NAME SPOOFING MAKE UP NEARLY 9% OF ATTACKS
THE TOP 10 IMPERSONATED BRANDS ACCOUNT FOR OVER 56% OF ALL SPOOF- AND IMPERSONATION-BASED PHISHING ATTACKS
COMPROMISED SENDER
LEGITIMATE, BENIGN EMAIL THREAD