A new phishing campaign that targets businesses goes beyond business email compromise or CEO fraud. Barracuda is calling it the new insider threat The threat actor creates an email address that may appear like the real thing, just like what weve seen here, and then uses it to convince someone in the organization to wire money their way. Businesses can combat this new attack by continuous education and awareness efforts. It pays to add multifactor authentication for additional ways employees can verify their identities before being allowed to access their work emails.”]
Source: https://blog.malwarebytes.com/security-world/2017/09/insider-threats-in-your-work-inbox/