“We’ve been seeing a rapidly growing number of BEC attacks impersonating external third parties," Crane Hassold 🏗 cnn.com/2022/12/16/pol…

"Crypto is not real. Like the platinum coins in EverQuest, it has no intrinsic value and is untethered to anything but the shared belief by many people that it is actually worth something." Time to stop the hustle. newrepublic.com/article/169455…

The complete cratering of #BEC attack volume in the last few weeks of the year is one of the most fascinating annual trends. Without fail, in the first few days of Jan, we have to check the status of our tools bc our active defense engagements dropped so much at the end of Dec.

MeidasTouch What they were saying — trust me, I do this professionally.

Secret congressional codenames revealed during roll call #politics

Just because cyberattackers make use of the latest artificial intelligence system does not mean the attacks are harder to detect, for now, Rob Lemos (@roblemos just about everywhere) reports. bit.ly/3GXkl4R #ChatGPT #AI

If a phishing email is enhanced by ChatGPT, but it never makes it to its target, does it really matter how well-written it is?

🗣 All hail the New York Giants

When a #BEC actor accidentally pastes the Google search they're using to identify targets instead of mule account details. 😶

Published a new blog post today looking at a few recent #phishing campaigns that show how cybercriminals have incorporated HR announcement themes into their attacks to take advantage of the new year transition. intelligence.abnormalsecurity.com/blog/hr-policy…

Tune in Tuesday, Jan. 31, for our #RemoteSessions webcast on email attack vectors and how to stop them, with Crane Hassold 🏗, Director of Threat Intel for Abnormal AI. Register here: hubs.li/Q01zvkfs0

Instead of responding with a mule account, this #BEC actor decided to send the full format he uses for his payroll diversion attacks. 🤦‍♂️

Published a new blog post today on multilingual #BEC attacks and how actors leverage Google Translate to target companies in 13+ languages. Includes details of two threat groups with my favorite names to date: Midnight Hedgehog and Mandarin Capybara! intelligence.abnormalsecurity.com/blog/midnight-…

One of the best parts about publishing research on a new threat group is seeing the graphics reporters use in their articles. Bravo Becky Bracken! 10 out of 10 for finding this graphic for Mandarin Capybara!

Lots of BEC actors are going to be pretty happy after today...

AI deepfake voice scams pop up in the news every now and then. Sounds scary, but practically, they can't be scaled. I recently chatted with Lily Hay Newman at WIRED about their limitations and how scams have gotten the same results without AI for years. wired.com/story/ai-voice…

👨‍🍳 😘