The FBI warned today that some business email compromise (BEC) scammers have moved their attack vectors to virtual meeting platforms, where they dupe employees into transferring money to them by posing as the CEO or CFO of the victim organization.
These types of attacks rose between 2019 and 2021, as attackers took advantage of employees working from home due to the pandemic, according to the FBI. Among their M.O.s: hijacking an exec's email account and inviting employees to a virtual meeting. To disguise themselves, they insert the exec's photo and use chat or email to request a funds transfer, pretending their video and sound are inoperable in the virtual meeting. They also use stolen employee email accounts to join company virtual meetings to gather intel on the company. In other cases, they have sent spoofed emails purportedly from the CEO's or another exec's account with instructions for transferring money for them, claiming they are unable to do so themselves because they are "in a virtual meeting."
The FBI recommends vigilance about joining virtual meeting platforms not typically used by your organization, using multifactor authentication for accounts, verifying email addresses to ensure they aren't spoofed, and other due-diligence practices to avoid getting social-engineered.