Brian Krebs has updated his blog and his famous picture ("How much is your hacked computer worth?"):
http://krebsonsecurity.com/2015/01/fbi-businesses-lost-215m-to-email-scams/
IC3 data – Internet Crime Complaint Center: http://www.ic3.gov/about/default.aspx
BEC (business email compromise) is a global scam with subjects and victims in many countries. The IC3 has received BEC complaint data from victims in every US state and 45 countries. From 10/1/2013 to 12/1/2014 the following stats were reported (now look at the image above):
Total US victims: 1198
Total US dollar loss: $179mil
Total non-US victims: 928
Total non-US dollar loss: $35mil
Combined victims: 2126
Combined dollar loss: $214mil
So Brian Krebs has updated his "how much is your computer worth to hackers" image:
Brian reviews what can happen to your email account if somebody takes it over and uses it for their own money-making schemes.
If I attempted to put a small dollar amount on these accounts, how much is your email account worth?
Google: $2
Facebook: $2
iTunes: $3
Amazon: $3
Walmart: $3
Netflix: $2
Dropbox: $2
Salesforce: $2
Fedex: $1.50
UPS: $1.50
Bank acct: $4
Steam: $2.50
Total: $28.50? Or more?
This is my image:
My list is only a partial one, but I am trying to make it more personal and give the hack a certain dollar amount. I am trying to create awareness. Also note the comments on Brian Krebs' post:
You can click on the image or go to Brian’s site to read them, but I want to transcribe one of them specifically (the bottom one):
“Almost word for word what happened to an affiliate company of ours. Slightly altered domain name appearing as someone’s VP, email request to wire funds, funds were sent, fund transfer frantically reversed at the 11th hour.”
In this attack no email account was even hacked: the criminals used a slightly modified domain name and a wire transfer request sent in the name of the VIP. What are the odds of 2 comments similar in nature appearing one after the other? Criminals are preying on our good graces and naivety.
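As an added example (not from the original post or from Brian Krebs' article), the Python below shows how a mail filter could catch the case in the quoted comment: a sender domain that is only slightly different from your own, combined with a request to wire funds. The trusted domain `examplecorp.com`, the keyword list, the character substitutions and the sample message are all constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED = {"examplecorp.com"}          # hypothetical: your own mail domains
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "5": "s"})
MONEY = re.compile(r"\b(wire|transfer|funds?|payment|invoice)\b", re.I)

def osa_distance(a, b):
    """Edit distance counting an adjacent transposition as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def lookalike_of(domain):
    """Return the trusted domain this one imitates, or None."""
    domain = domain.lower().rstrip(".")
    if domain in TRUSTED:
        return None
    folded = domain.translate(CONFUSABLES).replace("rn", "m")
    for good in TRUSTED:
        good_folded = good.translate(CONFUSABLES).replace("rn", "m")
        # Threshold of 2 edits is an assumption; raise care for short domains.
        if folded == good_folded or osa_distance(domain, good) <= 2:
            return good
    return None

def triage(raw_message):
    """Classify one RFC 5322 message: 'hold', 'warn' or 'ok'."""
    msg = message_from_string(raw_message)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if lookalike_of(domain) is None:
        return "ok"
    text = msg.get("Subject", "") + " " + str(msg.get_payload())
    return "hold" if MONEY.search(text) else "warn"

# Constructed sample: a look-alike domain with two letters swapped.
SAMPLE = ("From: \"Pat Lee, VP Finance\" <pat.lee@exmaplecorp.com>\n"
          "To: ap@examplecorp.com\nSubject: Urgent wire today\n\n"
          "Please wire the funds before 3pm.\n")
```

A "hold" result means the message should go to a person for verification through a separate channel (a phone call to a known number) before any funds move.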
If you need help working on your password compliance, or testing other aspects of your security policy, I can help with the Omega Scan service:
http://oversitesentry.com/solutions/omega/
Here is the video to go along with this post