What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits

From trendmicro.com

Business Email Compromise (BEC) is a significant problem for businesses around the world. According to the Federal Bureau of Investigation (FBI), BEC costs victims more money than ransomware, with an estimated US$2.4 billion lost to BEC in the US in 2021. Based on the FBI report, this amount accounts for a large share of the US$6.9 billion that Americans lost to the combination of ransomware, BEC, and financial scams. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail Transfer Protocol (SMTP) services like SendGrid to send emails designed to bypass the filters of email service providers and email security services. By sending through these genuine services (but with stolen accounts), scammers make their emails appear legitimate. These schemes, when combined with cybercrime and open-source tools, often lead to BEC campaigns that are highly effective and successful for the scammers.
