FBI says number of business email account (BEC) and email account compromise (EAC) scam incidents worldwide reached 78,000 between October 2013 and May 2018. Experts from Digital Shadows highlighted availability of huge archive online that could be used by crooks to target the companies. The same data could be found on publicly-accessible rsync, FTP, SMB, and NAS drives. Some 12.5 million archive files containing sensitive and financial information have been exposed online. The risks of BEC can be mitigated with a range of security measures.Corporate email accounts can be compromised for as little as $150.”]
Source: https://securityaffairs.co/wordpress/76939/cyber-crime/bec-scams-hacked.html