Credential and Email Compromise

Cyber Threats Surge in India’s Financial Sector

Fintech News

MAY 8, 2025

These chatbots leverage AI with natural language processing (NLP) capabilities to engage potential victims in seemingly benign conversations, subtly extracting credentials or sensitive data over time. The surge of deepfakes The rise of AI has also led to a surge in deepfake attacks.

Deepfake

Deepfake Data Breach MFA Phishing

What is Business Email Compromise (BEC)?

Nanonets

NOVEMBER 14, 2023

Business Email Compromise (BEC) is a cyber threat that exploits the vulnerabilities of email communication. Perpetrators impersonate trusted entities, such as executives or vendors, employing social engineering techniques to coerce employees into compromising actions. What is Business Email Compromise (BEC)?

Email Compromise

Email Compromise Business Email Compromise Compromise Phishing

What Are the Risks of Business Email Compromise & How Can You Prevent Them?

Seon

JUNE 15, 2023

Business email compromise (BEC) attacks can be a major risk to businesses’ finances and reputations. Let’s look at what business email compromise attacks are and explore some of the many ways you can combat them. What Is a Business Email Compromise Attack? Reported losses in 2020 exceeded $4.2

Email Compromise

Email Compromise Compromise Business Email Compromise Risk

Webinars

A Roadmap For Modernization: How To Break Free From Your Monolith Before July 31, 2026

MORE WEBINARS

Invoice Fraud Strikes Amazon In $19M Scam

PYMNTS

AUGUST 24, 2020

This week's B2B Data Digest looks at the rising threat of the business email compromise (BEC) scam and invoice fraud on companies of all sizes in the U.S., Reports said the fraudsters have stolen more than 800 sets of credentials in an attempt to commit B2B payment fraud via spear-phishing attacks. Canada and the world over.

Scams

Scams Business Email Compromise Ransomware Email Compromise

Why The Data Breach Decline Is Bad News For Businesses

PYMNTS

FEBRUARY 1, 2021

40 legitimate email accounts of company executives have been compromised in a phishing campaign targeting businesses , according to Gov Info Security reports. The scam involves sending a phishing email claiming to be a Microsoft Office 365 update. The campaign is targeting businesses across the U.S.,

Data Breach

Data Breach Breach Business Email Compromise Scams

Anomali Identifies Scam To Steal Gov’t Procurement Site Credentials

PYMNTS

DECEMBER 17, 2019

An unidentified group is reportedly putting much effort into a complicated scam to steal the login credentials of government personnel. While the email contains a link to what should be a website for procurement, the victim views a convincing facsimile. Anomali, a security firm, says it has found bogus websites of the U.S.,

Credential

Credential Scams Email Compromise Business Email Compromise

SEC Issues Corporate Fraud Warning As BEC Scams Climb

PYMNTS

NOVEMBER 16, 2020

The risk of fraud continues to climb for organizations of all sizes as the latest data reveals third-quarter spikes in business email compromise and ransomware scams. This week's B2B Data Digest takes a look at the numbers behind those spikes, finding small businesses to be particularly at-risk.

Business Email Compromise

Business Email Compromise Scams Ransomware Email Compromise

Scammers Prove Corporate Payments Fraud Comes In All Shapes And Sizes

PYMNTS

DECEMBER 7, 2020

Business email compromise (BEC) scams continue to ravage company coffers. According to CNBC reports , the email phishing scheme involves attackers impersonating one business executive at a China-based business that offers temperature-controlled supply chain solutions.

Business Email Compromise

Business Email Compromise Scams Crime Email Compromise

Corporate Fraud Reveals The Breadth Of Scammer Tactics

PYMNTS

AUGUST 17, 2020

In this week’s Data Digest, PYMNTS rounds up the latest cases and research into how corporates are being targeted with crimes like the business email compromise (BEC) scam, as well as how they’re fighting back. When it comes to fraud threats, no company — large or small — is immune.

Business Email Compromise

Business Email Compromise Federal Trade Commission Scams Cybersecurity

Report: Email Variants Keep BEC Fraud Humming Along

PYMNTS

JULY 1, 2019

As noted in a report by FireEye, the bad guys are continuing to leverage a tactic known as business email compromise (BEC), where that method of communication seeks to impersonate persons of authority from within a firm, or alternatively, legitimate business partners, to requests funds be sent to accounts (and then of course, pilfered).

Business Email Compromise

Business Email Compromise Phishing Email Compromise Credential

From The Phone To Email: How Scammers Hit SMBs

PYMNTS

OCTOBER 15, 2018

It’s a twist on the business email compromise (BEC) scam that typically involves scammers emailing business owners and seeking payment via wire transfer, ACH or paper check. “No legitimate business or utility will call you and ask you to make a payment using a Green Dot card,” AG Frosh said in a statement.

Ransomware

Ransomware Online and Mobile Banking Small Business Scams

New Cyberattacks Surface To Steal Corporate Funds

PYMNTS

APRIL 4, 2019

Meanwhile, instances of the Business Email Compromise (BEC) are also on the rise: About 47 percent of all incidents examined last year were the result of a hack or malware — and, of those, about half were BEC scams. Through the spear phishing campaign, an unwilling employee inputs those credentials for the criminal.

Ransomware

Ransomware Phishing Direct Deposit Business Email Compromise

Deepfakes Threaten To Become The New BEC Scam

PYMNTS

AUGUST 24, 2020

The business email compromise (BEC) scam continues to rear its ugly head at the enterprise, with the global pandemic creating even more avenues through which cyber attackers can steal company money. At the heart of BEC and other scams is impersonation.

Deepfake

Deepfake Business Email Compromise Scams Multifactor Authentication

It Takes A Hub: Fighting eCommerce Fraudsters Across New Vectors

PYMNTS

JUNE 3, 2020

That’s especially important as criminals seek to use eCommerce to commit what might be termed “authorized fraud” as bad actors get hold of card details or log-in credentials, pose as legitimate account holders and send payments. Authorized fraud also encompasses business email compromise (BEC) scams, too, said Tharle.

Business Email Compromise

Business Email Compromise Email Compromise Real Time Payments Authentication

AP Automation Combats COVID Scams

PYMNTS

APRIL 21, 2020

Business email compromise (BEC), B2B phishing scams, synthetic identities, fake accounts and trillions of aid dollars flooding out at a time of maximum uncertainty make this a fraudster’s paradise. COVID-19 has afforded internet villains what will certainly go down as the greatest cybertheft opportunity of their shadowy lifetimes.

Scams

Scams Automation Phishing Email Compromise

ProofPoint Warns Of Bank Trojans: A Massive Threat Executives May Overlook

PYMNTS

AUGUST 8, 2018

Business Email Compromise scams continue to grow and steal more corporate money than ever before. Phishing emails — 93 percent of which include ransomware, according to ITProPortal — should by no means be ignored. Compare that to ransomware, which made up just 11 percent. Attackers then use that malware to access bank accounts.

Ransomware

Ransomware Phishing Email Compromise Online and Mobile Banking

FBI: BEC Scams Stole $1.2B In 2018

PYMNTS

APRIL 26, 2019

Business email compromise (BEC) scams are gaining traction, and bilking unwitting individuals and companies out of an increasing amount of money. Payroll diversion has become a significant form of payments fraud as well — in this case, the bad actors snare login credentials from employees, and change direct deposit information.

Business Email Compromise

Business Email Compromise FBI Scams Wires

Mutant Malware Able To Slip Past Antivirus Tools, Experts Warn

PYMNTS

AUGUST 30, 2017

It first emerged in March of this year, the company said, and was used mostly to steal online banking information and credentials to infiltrate bank accounts and steal money. Once the user clicks on the PDF file, the computer is infected and finds more email addresses to spread.

Email Compromise

Email Compromise Cybersecurity Small Business Consulting

BEC Fraudsters Eye HR Departments As Prey

PYMNTS

APRIL 12, 2019

Thus, business email compromise fraud (BEC) is evolving too. Said Adrien Gendre, chief solution architect for Vade Secure, on the site: the email scams “are not isolated, that’s for sure.”.

Business Email Compromise

Business Email Compromise AFP ACH Email Compromise

When Email Becomes SMBs’ Biggest Security Threat

PYMNTS

JANUARY 16, 2020

The business email compromise (BEC) scam is a cybersecurity threat to businesses of all sizes, and the financial and security implications of a successful attack aren’t isolated to its target. Attackers also turn to developing fraudulent portals to compromise professionals’ email credentials, for example.

Business Email Compromise

Business Email Compromise Security Scams Email Compromise

Widespread Corporate Hacking Lands Two Russians In Prison

PYMNTS

FEBRUARY 16, 2018

The two were part of a larger group that stole online credentials, personal information and credit and debit card numbers between 2005 and 2012. The business email compromise scam saw an increase of 10 percent during those two years. The two pled guilty in September 2015.

Email Compromise

Email Compromise Debit Card Credential Scams

When Vendors Open Doors To Cyberattackers

PYMNTS

MAY 2, 2019

The report also pointed to data stolen from law firms and cyberattackers’ ability to use that information to obtain employee credentials about pending deals. million business email compromise scam. million business email compromise scam.

Data Breach

Data Breach Third Party Vendors Breach Cybersecurity

Ex-FBI On The Onion Approach To Battling Cyber Criminals

PYMNTS

APRIL 5, 2019

The attacks are targeted ones, said Arruda, who noted that hackers don’t usually directly try to hack banks or credit unions, but instead try to get access through the aforementioned email campaigns, where the credentials are stolen and the stolen credentials are leveraged to gain access to the FI.

FBI

FBI Credit Union Credential Cybersecurity

When Cyberattacks Hit, Corporates’ Tech Investments Only Go So Far

PYMNTS

APRIL 9, 2018

Likewise, cybersecurity tools are limited when stopping other employee behaviors that lead to data breaches, like sending credentials or money to bad actors and fraudulent accounts. IBM warned that some of the most common human errors linked to data breaches involve “basic misjudgment.” To err is human,” IBM said in its report.

Data Breach

Data Breach Breach Cybersecurity Phishing

Retail Payments Fraud: How Consumers and Banks Can Fight Back

FICO

APRIL 29, 2022

04%), NACHA officials say business email compromise attempts are on the upswing – just as they are across every channel. The short version: Be diligent and vigilant about who you’re giving your personal information and credentials to. ACH volumes in the United States increased 8.7% Check yourself before you wreck yourself.

Retail Payments

Retail Payments Zelle Consumer Romance Scams

Hacker Tracker: Sabre Investigating Breach, Card Testing On The Rise

PYMNTS

MAY 5, 2017

Radial found a 200 percent rise in Q1 of credit card testing—when stolen payment card credentials are ‘tested’ with small, innocuous buys before cybercrooks move on to larger fraudulent purchases. Regular risk and compliance assessments are not enough for today’s clever fraudsters,” Graff said.

Breach

Breach Business Email Compromise Data Breach Cybersecurity

Procurement Is Ground Zero For Cybersecurity Protection

PYMNTS

JUNE 23, 2016

For some, like small suppliers, a compromise of sensitive data and credentials can lead to a few hundred or thousand dollars fraudulently obtained from a business client, often via the Business Email Compromise scam. The impact from a data breach on an enterprise can be a mixed bag.

Cybersecurity

Cybersecurity Data Breach Assessments Breach

The Enterprise Wakes Up To Cybersecurity Threats – Now What?

PYMNTS

JUNE 1, 2017

Take the Business Email Compromise, for example. That’s because cyber attackers aren’t just using automated, malware-first approaches to their crimes anymore.

Cybersecurity

Cybersecurity Breach Email Compromise Compromise

Adversary-in-the-middle fraud: A growing concern for payments providers in 2025

The Payments Association

FEBRUARY 17, 2025

In an AiTM attack, the attacker typically sends a phishing email with a link that directs the victim to a fake login page (redirector or AiTM phishing page) designed to look like a legitimate service. These schemes typically involve: Phishing emails : Crafted to trick users into sharing login credentials.

Phishing

Phishing Multifactor Authentication Authentication Credential

Payments Space

Cyber Threats Surge in India’s Financial Sector

What is Business Email Compromise (BEC)?

What Are the Risks of Business Email Compromise & How Can You Prevent Them?

Webinars

Invoice Fraud Strikes Amazon In $19M Scam

Why The Data Breach Decline Is Bad News For Businesses

Anomali Identifies Scam To Steal Gov’t Procurement Site Credentials

SEC Issues Corporate Fraud Warning As BEC Scams Climb

Scammers Prove Corporate Payments Fraud Comes In All Shapes And Sizes

Corporate Fraud Reveals The Breadth Of Scammer Tactics

Report: Email Variants Keep BEC Fraud Humming Along

From The Phone To Email: How Scammers Hit SMBs

New Cyberattacks Surface To Steal Corporate Funds

Deepfakes Threaten To Become The New BEC Scam

It Takes A Hub: Fighting eCommerce Fraudsters Across New Vectors

AP Automation Combats COVID Scams

ProofPoint Warns Of Bank Trojans: A Massive Threat Executives May Overlook

FBI: BEC Scams Stole $1.2B In 2018

Mutant Malware Able To Slip Past Antivirus Tools, Experts Warn

BEC Fraudsters Eye HR Departments As Prey

When Email Becomes SMBs’ Biggest Security Threat

Widespread Corporate Hacking Lands Two Russians In Prison

When Vendors Open Doors To Cyberattackers

Ex-FBI On The Onion Approach To Battling Cyber Criminals

When Cyberattacks Hit, Corporates’ Tech Investments Only Go So Far

Retail Payments Fraud: How Consumers and Banks Can Fight Back

Hacker Tracker: Sabre Investigating Breach, Card Testing On The Rise

Procurement Is Ground Zero For Cybersecurity Protection

The Enterprise Wakes Up To Cybersecurity Threats – Now What?

Adversary-in-the-middle fraud: A growing concern for payments providers in 2025

Stay Connected