Microsoft has expressed concern over the growing sophistication and popularity of Business Email Compromise (BEC) scams, in which criminals impersonate familiar individuals to deceive victims. In their investigation spanning from April 2022 to the previous month, Microsoft discovered a staggering 35 million attempted cases of BEC.
Attackers in these schemes use BulletProftLink, which supports users with a variety of tasks, including the creation of email templates and the hosting of malicious websites referenced in phishing emails. They also use phishing-as-a-service like Evil Proxy, Naked Pages, and Caffeine
to deploy phishing campaigns and obtain compromised credentials. It was used for BEC scams like payroll, invoice, gift cards, business information, and a host of others.
Furthermore, attackers buy IP addresses from third parties in order to set up “residential IP proxies.” This allows hackers to conceal their genuine identity by making the emails look to have been sent from the same place as their victims.
Microsoft responded by emphasizing the need of enterprises having procedures to detect messages originating from third parties. Employees should also be educated to spot the warning indications of malicious emails.
The sources for this piece include an article in Axios.