Business Text Compromise (BTC)
Targets executives or finance teams with the intent to defraud companies.
Just like it’s annoying cousin, Business Email Compromise (BEC) BTC attacks will request information, funds to be sent, or wire transfer through a SMS or Text message. The cybercriminal will impersonate a trusted vendor or company executive and targets new employees who might know company processes yet or employees who access to bank information, like accounts payable or finance.
While BEC is deliver through email, cybercriminals are having success with this type of scam through SMS text messaging so it’s earned the name Business Text Compromise or BTC. Some sample subject lines include urgent, request for payment, and transfer.Some of the same categories of BEC scams are also present in BTC including:CEO or CFO Fraud: When a cybercriminal poses as the CEO or other executive and asks employees to complete a money transfer or send gift cards.Account Take Over: When an employee’s account has been hacked and used to request payments using email contacts and sent from the legitimate email address. Then payments are sent to cybercriminal’s bank accounts instead of the actual vendor.Vendor Impersonation- Vendors are often the target of these attacks, where cybercriminals impersonate vendors requesting fund transfers for payments to an account owned by cybercriminals.IRS Impersonation- Cybercriminals impersonating a lawyer asking for fraudulent requests to gather confidential information.
SlashNext Blog | Business Emai Compromise BEC
Today, while man-in-the-middle (MiTM) attacks are still a big concern, the security endpoint has changed to the browser, creating a MiTB phishing threat that poses real danger.
It’s Time to Get Started with SlashNext
Learn how to leverage the industry’s best zero-hour phishing protection and IR solutions in your environment.