Threat Cyclopedia

SlashNext's Generative AI and Session Emulation (SEER) technologies employ Natural Language Processing (NLP) and Computer Vision to thoroughly inspect suspicious websites and email content. These advanced detection tools allow SlashNext to identify over 30 types of phishing and social engineering attacks, as well as four categories of unsolicited commercial emails (Spam and Bulk Mail). Many of these threats have not been extensively researched, and their classification and names have been developed through detailed research by SlashNext Labs.

We recommend that anyone considering SlashNext products review this document thoroughly to fully understand the nature and risk level associated with each threat.

Business Email Compromise (BEC)

Business Email Compromise (BEC) attacks are designed to commit financial fraud against organizations. These attacks commonly involve impersonating trusted individuals via email, such as colleagues, superiors, or vendors, to execute various fraudulent schemes like Invoice Fraud, Payroll Theft, Unauthorized wire scams, and more. By exploiting established professional relationships, these scams deceive employees, resulting in substantial financial losses or the exposure of sensitive information for the targeted organization.

Business Email Compromise Threat Types

  • BEC: Payroll Theft - Fraud incidents where attackers impersonate employees, aiming to mislead HR into rerouting paychecks to fraudulent accounts.
  • BEC: Funds Scam - Funds scams involve attackers posing as trusted entities to deceive recipients into transferring money to fraudulent accounts.
  • BEC: Reconnaissance - A BEC reconnaissance email aims to start a conversation with the victim in an urgent tone to build trust and carry out various scams later on.
  • BEC: Assistance Scam - In BEC Assistance Scams, attackers pretend to be executives or colleagues, asking for assistance or a favor to prompt a response.
  • BEC: Gift Card Scam - In BEC Gift Card scams, scammers pretend to be executives or colleagues, persuading the victim to buy them gift cards for false reasons.
  • BEC: Attorney Scam - In BEC Attorney Scams, attackers impersonate executives and urge the target to engage with a phony law firm to execute forged contracts.
  • BEC: Generic - BEC Generic attacks usually aim to execute commercial scams, such as fictitious partnerships and investment opportunities.
  • BEC: W Form - BEC W-form scams involve attackers posing as colleagues or legal representatives to obtain employees' tax-related documents.
  • BEC: Invoice Fraud - Invoice fraud involves attackers posing as executives or suppliers to deceive recipients into paying bogus invoices.

Social Engineering (SE)

Social engineering scams target individuals rather than businesses. These schemes exploit human psychology to deceive victims. Examples include phony job offers, where victims pay up front for non-existent positions, buying scams involving fraudulent online sales, and deceptive investment opportunities that promise high returns with minimal risk. Such scams manipulate trust and urgency to trick individuals. The goal is to capitalize on the victim's hopes or fears, leading to financial loss or compromised personal information.

Social Engineering Threat Types

  • SE: RFQ Scam - RFQ scams involve attackers posing as genuine entities and requesting to purchase goods on credit terms without the intention of payment.
  • SE: Scam - Scam emails used to perform online fraud, such as fake jobs, lottery winnings, and phony investment opportunities.
  • SE: Donation Scam - Donation scams involve fraudsters convincing recipients that they qualify for a donation or charity based on fabricated reasons.
  • SE: Loan Scam - Loan scams involve fraudsters posing as legitimate lenders offering loans with generous terms in exchange for a nominal fee.
  • SE: Beneficiary Scam - Beneficiary scams involve fraudsters convincing recipients they're entitled to an inheritance from a wealthy individual or entity, citing fabricated reasons.
  • SE: Investment Scam - Investment scams involve fraudsters posing as legitimate investors offering lucrative investment opportunities for a nominal fee.
  • SE: 419 Scam - A 419 scam, also known as an advance-fee fraud or Nigerian scam, involves soliciting a target through an email or letter.
  • SE: Lottery Scam - Lottery scams deceive victims by convincing them they've won a lottery and then requesting personal information to claim the funds.
  • SE: Romance Scam - Romance scams exploit emotional manipulation to target individuals seeking companionship for monetary gain.
  • SE: Purchase Scam - Purchase scams involve fraudsters emailing fake purchase confirmations and asking recipients to call their numbers to cancel the transaction.
  • SE: Threat Scam - In a Threat scam, the sender attempts to intimidate the recipient into sending money or providing sensitive information by threatening them with negative consequences.
  • SE: Sextortion - Sextortion is a form of cyber extortion scam where the sender threatens to release explicit or compromising images or videos of the recipient unless they pay a ransom.
  • SE: Job Scam - Job scams involve fraudsters posing as legitimate employers and tricking job seekers in various ways into giving up personal information or payments.

Spam & BulkMail

Spam and BulkMail are unsolicited emails sent without the recipient's explicit permission. These are primarily sent for commercial purposes. The content often includes advertisements for various products, services, or upcoming events. While spam is not inherently malicious, it can still overwhelm inboxes. This can significantly reduce the productivity of individual users. IT teams tasked with managing these messages also face increased challenges.

Spam & BulkMail Types

  • Sales Outreach - Sales outreach by companies or individuals to potential customers, presenting products and services with a professional tone and personalized content tailored to the recipients.
  • Marketing Ads - Spam emails frequently promoting questionable products like electronics, diet pills and counterfeit items. They commonly feature vibrant banners and lack user personalization.
  • News & Announcements - Spam emails containing invitations, polls, campaign donation requests, and other similar content, typically unrelated to the recipient's interests.
  • Hybrid Spam - Commercial spam emails blending traits from other specific types of spam, showcasing varied intents and formatting styles.

Phishing Links

Emails with phishing links direct users to malicious content, including sites designed for stealing credentials, those laden with malware, deceptive sites promising free gifts, and pages that falsely intimidate users for baseless reasons.

Often, these emails imitate genuine communications from credible sources like banks, social media platforms, or even colleagues and employers, aiming to convince recipients that the request is legitimate and requires immediate attention.

Phishing Link Types

  • Credential Stealing - Email links that are designed to steal credentials or request sensitive information.
  • Fraudulent Website - Email links that are designed to conduct social engineering scams such as gift, shipment, and Bitcoin scams.
  • Technical Support Scam - Email links that falsely flag users' computers as infected with viruses, prompting them to call a scammer for remote support.
  • Rogue Software - Email links downloading malware or software exploits aimed at compromising the user's device.
  • QR Phishing - Emails containing QR codes that redirect to websites stealing credentials or personal information.

Phishing Attachments

Phishing attachments often carry various forms of malicious content, including malware, phishing links, HTML pages designed for phishing, and messages crafted through social engineering. These attachments typically disguise themselves as harmless files, such as documents or ZIP files. The accompanying email usually features a social engineering message designed to entice users into downloading and opening these seemingly harmless attachments.

Phishing Attachment Types

  • Credential Stealing - HTML or PDF phishing attachments that are designed to steal credentials or request sensitive information.
  • Fraudulent Website - HTML or PDF attachments that are designed to conduct social engineering scams such as gift, shipment, and Bitcoin scams.
  • Technical Support Scam - HTML attachments that falsely flag users' computers as infected with viruses, prompting them to call a scammer for remote support.
  • Rogue Software - Binary or document attachments embedding malware or software exploits aimed at compromising the user's device.
  • QR Phishing - HTML or PDF attachments containing QR codes that redirect to websites stealing credentials or personal information.