Original release date: December 16, 2022
The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the U.S. Department of Agriculture (USDA) have released a joint Cybersecurity Advisory (CSA) detailing recently observed incidents of criminal actors using business email compromise (BEC) to steal shipments of food products and ingredients valued at hundreds of thousands of dollars. The joint CSA analyzes the common tactics, techniques, and procedures (TTPs) utilized by criminal actors to spoof emails and domains to impersonate legitimate employees and order goods that went unpaid and were possibly resold at devalued prices with labeling that lacked industry standard “need-to-knows” (i.e., necessary information about ingredients, allergens, or expiration dates).
For more information, CISA encourages organizations to review the guidance provided by the FBI, FDA OCI, and USDA in joint CSA Criminal Actors Use Business Email Compromise to Steal Large Shipments of Food Products and Ingredients—whereby businesses are urged “to use a risk-informed analysis to prepare for, mitigate, and respond to cyber incidents and cyber-enabled crime.”
This product is provided subject to this Notification and this Privacy & Use policy.
CISA, in partnership with Federal Bureau of Investigation, the National Security Agency, Department of Energy,…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA and the Australian Signals Directorate’s Australian Cyber Security Centre, in collaboration with federal and international…
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of ongoing intrusions by People’s Republic…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
This website uses cookies.