You are right many of your work emails are

Threat actors are turning to business email compromise (BEC) attacks to steal more than money, experts have warned.

In a joint warning issued by multiple US law enforcement agencies, it has now been found that BEC attacks are targeting food companies to steal deliveries.

A joint cybersecurity advisory published (opens in a new tab) by the Department of Justice (DoJ), the Food and Drug Administration's Office of Criminal Investigations (FDA OCI), and the Federal Bureau of Investigation (FBI) states that hackers steal “large shipments of food products and ingredients”, the market price of which often reaches “hundreds of thousands of dollars”.

Sending food packages

The strategy is the same as with any other BEC attack: Hackers would compromise an executive's email account and then use it to send fraudulent orders, or simply mimic an order from a third-party email provider. Either way, the result is the same: food companies send out shipments of food that are never paid for.

However, the attackers do not eat the food. They resell it on the black market, which is a risk in itself, as they don't follow food safety regulations and sanitary practices, the notice says. People who end up eating these foods are at risk of various diseases.

“Businesses in all industries (buyers and suppliers) should consider taking steps to protect their brand and reputation from fraudsters who use their name, image and likeness to commit fraud and steal products,” the company said in its opinion.

To protect against these attacks, the organizations say, companies need to educate their employees about the dangers of business email compromise attacks, as well as phishing attacks.

They should also organize frequent training so that they are aware of the risks of clicking on suspicious links or downloading suspicious attachments. Finally, they should regularly scan the Internet to see if someone is stealing their identity (opens in a new tab) or abusing their image in any way.

Via: BleepingComputer (Opens in a new tab)

Share This