According to the FBI, the number of business email account (BEC) and email account compromise (EAC) scam incidents worldwide reached 78,000 between October 2013 and May 2018.
Business email compromise (BEC) and email account compromise (EAC) scam losses worldwide increased by 136% from December 2016 to May 2018, in the same period overall BEC/EAC losses result in $12 billion.
Experts from Digital Shadows highlighted the availability of huge archive online that could be used by crooks to target the companies. It is quite easy to find online AWS buckets containing backups of email archives, the same data could be found on publicly-accessible rsync, FTP, SMB, and NAS drives.
The experts estimated that some 12.5 million archive files (.eml, .msg, .pst, .ost, .mbox) containing sensitive and financial information have been exposed online.