BEC-International Slack Channel
In the early parts of December 2015, I sent an email to a few security researchers, asking who wanted to help fight BEC (Business Email Compromise) related fraud. The goal was simple: try to figure out how BEC worked and stop it. A few weeks later around Christmas time, the BEC mailing list was born with a little over 100 people who wanted to help stop the type of fraud. We had high hopes that we would make an impact by Blackhat 2016, but the more and more we looked at this type of fraud the more we realized the “can of worms” we opened was more like an entire truck load of worms, on fire, inside of a dumpster, also on fire, with spaghetti piled on top. Oh, and split that between nine continents and four dimensions. Wibbly wobbly kind of stuff.
On this quest we learned a lot about BEC such as how romance scams, account takeovers, phishing kits, rap songs, mugus, and malware all relate. Over the last three years, we have successfully stopped millions of dollars, taking out thousands of romance accounts, helped contribute to over 100 arrests globally, held three conferences, and even received an award for the efforts of the 600+ members, which includes a lot of collaboration between the private and public sector, both foreign and domestic.
The biggest lesson of all is that it only takes a few good and passionate people to really make a difference. We all took our dayjob, religion, race, gender and government hats off and regardless of geographic or language constraints, we did a good thing. Together. And we’re looking for more folks to keep doing good.
Starting today, we are launching the BEC-international Slack channel to help combat these type of threats. Over the last few days dozens of security researchers have gotten comfy in the Slack channel and are ready to help. When working with threat intelligence we often operate at the TLP:Amber level or higher due to trust, however BEC-international discussions will happen at the TLP:White level, meaning anyone can come and use the data as they see fit. Our goals are simple, continue impacting the 12 billion dollar beast we know as BEC, help the 150 countries who are affected globally, and start making a difference. We don’t know if this will succeed or fail, but we won’t know if we don’t try. Channels are set up for supported languages and can add more as needed.
The rules for the Slack channel is simple. 1. Please be respectful to one another as we’re all working towards a common goal. 2. Don’t share PII in the public channels, but look for a contact that can make use of the information. 3. Absolutely NO victim shaming. 4. Have fun and make a difference!
If you aren’t technical, that’s fine. Do you have an email account of someone who tried to scam you? Are you simply re-tweeting or re-sharing this post? You’re helping! Come and help make a difference in the world, because someone has to.