comscore
हिंदी
  • Home
  • News
  • Microsoft detects 156,000 business email compromise attempts daily

Microsoft detects 156,000 business email compromise attempts daily

Microsoft Threat Intelligence detected and investigated 35 million (BEC) attempts with an average of 156,000 attempts daily between April 2022 and April 2023, the tech giant revealed on Friday.

Published By: Shweta Ganjoo | Published: May 20, 2023, 11:23 AM (IST)

microsoft (6)
  • whatsapp
  • twitter
  • facebook

Highlights

  • Microsoft Threat Intelligence detected 35 million Business Email Compromise between April 2022 and April 2023.
  • On an average, Microsoft Threat Intelligence detected 156,000 threat attempts daily.
  • Microsoft says companies should use cloud apps that utilise AI capabilities to enhance defenses.
  • whatsapp
  • twitter
  • facebook

Microsoft Threat Intelligence detected and investigated 35 million Business Email Compromise (BEC) attempts with an average of 156,000 attempts daily between April 2022 and April 2023, the tech giant revealed on Friday. news Also Read: Instagram Launches Limited-Edition Diwali Filters: Here’s How To Use Them

Microsoft also observed a 38 percent increase in Cybercrime-as-a-Service targeting business email between 2019 and 2022. news Also Read: Meta AI Adds UPI Lite, Hindi Support, and Deepika Padukone’s Voice to Ray-Ban Glasses in India

In its fourth edition of a Cyber Signals’ report, Microsoft highlighted a surge in cybercriminal activity around BEC, the common tactics employed by BEC operators and how enterprises can defend against these attacks. news Also Read: A Phone That Thinks And Moves? Honor Robot Phone Has A Camera That Pops Out

“BEC attacks offer a great example of why cyber risk needs to be addressed in a cross-functional way with IT, compliance and cyber risk officers at the table alongside business executives and leaders, finance employees, human resource managers and others with access to employee records,” said Vasu Jakkal, corporate vice president, security, compliance, identity, and management at Microsoft.

“While we must enhance existing defenses through AI capabilities and phishing protection, enterprises also need to train employees to spot warning signs to prevent BEC attacks,” she added.

Instead of exploiting vulnerabilities in unpatched devices, BEC operators seek to exploit the daily sea of email traffic and other messages to lure victims into providing financial information or taking direct action like unknowingly sending funds to money mule accounts that help criminals perform fraudulent money.

To protect against BEC attacks, businesses should leverage cloud apps that utilise AI capabilities to enhance defenses, adding advanced phishing protection and suspicious forwarding detection.

Crucially, businesses need to secure identities to prohibit lateral movement by controlling access to apps and data with Zero Trust and automated identity governance, said Microsoft.

In 2022, the FBI’s Recovery Asset Team (RAT) initiated the Financial Fraud Kill Chain (FFKC) on 2,838 BEC complaints involving domestic transactions with potential losses of over $590 million.

Trending Now

— IANS