As spear-phishing and business email compromise continue to drive high-value cybercrime, attackers increasingly rely on trusted identities, cloud infrastructure and routine business workflows to bypass traditional security controls. Rather than exploiting software flaws, these campaigns succeed by manipulating timing, context and human behavior to gain access and move laterally within organizations.

This session, led by Andy Robinson of the City of London Police Cyber Crime Unit, examines how credential harvesting, look alike login pages and compromised email accounts enable fraud at scale. It also shows how digital forensics, cloud telemetry and cross-border collaboration can expose attacker infrastructure and support effective disruption.

This session will also cover:

• How spear-phishing campaigns are designed, validated and scaled using cloud services and automation;
• How business email compromise exploits trusted accounts, invoice processes and email rules to evade detection;
• What practical indicators and response actions can help organizations identify and stop fraud early.