© 2022 CyberNews - Latest tech news,
product reviews, and analyses.


Attackers impersonate CEOs in virtual meetings to extract money


Due to the rise in remote work during the COVID-19 pandemic, business email compromise (BEC) scams took a new turn. Attackers now impersonate CEOs in virtual meetings, using deep-fake videos and audio to extort money from unsuspecting victims.

In a BEC scam, criminals send an email message impersonating someone you know and trust, for example, the company's CEO. It turns out that criminals do not rely only on written communication to trick you. They are now using different video conferencing platforms to add legitimacy to their urgent requests to transfer money.

BEC has always been a headache for businesses. According to a report by the European Union Agency for Cybersecurity (ENISA), BEC cost businesses over €26 billion in 2020. The FBI said that complaints about BEC and other email compromises cost $1.8 billion in 2020.

According to the latest FBI alert, between 2019 and 2021 the FBI IC3 received an increasing number of BEC complaints involving the use of virtual meeting platforms to instruct victims to send unauthorized transfers of funds to fraudulent accounts.

Here are some of the ways criminals use virtual meeting platforms to conduct BEC scams:

* Compromising the email account of an employer or financial director, such as a CEO or CFO, and asking employees to join a meeting on a virtual meeting platform, where the criminal inserts a still picture of the CEO with either no audio or deepfake audio and claims that their video/audio is not working properly. They then instruct employees to initiate transfers of funds via the virtual meeting platform chat or in a follow-up email.

* Compromising employee email accounts to insert themselves into workplace meetings held on virtual meeting platforms and collect information on a business's day-to-day operations.

* Compromising the email account of an employer, such as the CEO, and sending spoofed emails to employees instructing them to initiate transfers of funds, with the "CEO" claiming to be occupied in a virtual meeting and unable to initiate the transfer from their own computer.

Scammer time

An analysis of over two million phishing emails by human layer security company Tessian shows that, contrary to popular belief, scammers avoid marketing tactics.

Whereas advertisers use the 10 AM Wednesday slot to bombard everyone’s email, most malicious emails are delivered between 2 PM and 6 PM, with very little fluctuation day-to-day, except for the weekend. The report claims that this is no accident.

Malicious actors bank on employees being stressed and tired, thus more likely to open a shady email or click an unsafe link.

After looking into millions of emails sent over 12 months from July 2020 to July 2021, researchers found that most phishing emails land at 2 PM when the majority of employees are focused on afternoon coffee. The next peak in activity comes close to 6 PM, with scammers hoping that the last email of the day will not face as much scrutiny as it should.

Fake CEOs are in love with gift cards

Quite often, attackers who impersonate CEOs ask for money in the form of gift cards.

"The scammer sends you an email impersonating your boss, either using a spoofed email address or by hacking into their account. They then make up a story about needing your help with something — an office surprise party, a company event, even a simple errand. Whatever the reason, they'll ask you to help by paying them with gift cards, promising to pay you back later. But once you hand over the gift card number and PIN, the money is gone," the Federal Trade Commission warned.

During the first nine months of 2021, 40,000 people reported losing a whopping $148 million in gift cards to scammers.

In January 2022, the Nigerian Police Force and INTERPOL arrested 11 alleged members of SilverTerrier, a prolific cybercrime network known for BEC scams that have harmed thousands of companies globally.

