BEC Remediation and Post-attack Resilience Enhancement
Full Attack Chain Revealed
Attackers compromised a senior employee’s mailbox and established malicious mailbox rules. They then changed the employee’s bank account details and used this change to transfer several million dollars to their own accounts.
Sygnia was called in to respond to the breach. A Sygnia IR team identified the full attack chain, including the original phishing email, subsequent credential harvesting, and other malicious access methods. All malicious access and mailbox rules were identified and removed.
Phishing Email Traced to Compromised Law Firm
Sygnia’s forensic analysis revealed that the source phishing email originated from a compromised law firm. The law firm was identified and informed of the incident.
Sygnia worked with the client to establish secure practices that enhanced resilience and helped prevent a recurrence of similar attacks.