Case Studies

Artificial intelligence opens up new, fascinating possibilities – unfortunately also for cybercriminals. They are increasingly using so-called deepfakes: AI-generated fakes of videos, images or voices that are used in the work environment for deceptively real attacks.

Business email compromise is a targeted form of digital fraud in which attackers exploit internal business processes through manipulated or compromised email communication. The goal is to redirect payments, steal sensitive data or manipulate processes.

Companies in various industries nowadays rely heavily on email communication and online transactions for their business operations. However, as efficient as this way of doing business is, it also opens the door to cybersecurity threats, such as email and wire fraud.

A restaurant was informed about an IT security incident at a software provider used whose platform is used for ordering, administration and payments. Attackers gained unauthorized access to personal customer data, including names, email addresses and, in some cases, credit card details. The trigger was the misconduct of an external accounting employee who accidentally entered her access data on a fake login page that looked deceptively similar to the original platform.

Cybercriminals rely on email scams. But anyone who thinks that criminals only send clumsy phishing attempts with poorly written, faulty emails is mistaken. Criminals sometimes put a lot of effort into planning, designing, and executing email fraud. The experts of the Incident Response Management Team have recorded an increase in these attacks. To show you how sophisticated some of these attacks are, we present the following case. You will see the attackers send fake emails, misuse the names of well-known companies for their scam, invent products, create fake websites, copy real companies, and more.