Cyber security news for all

More

    Hundreds of multinational companies aimed by Russian BEC Gang

    According to the security firm Agari, there has been a discovery of a newly uncovered Russia-based business email compromise gang; BEC gang that scams hundreds of multinational corporations in about 40 countries from 2019.  Cosmic Lynx, which Agari suggests as the name of the gang, employ social engineering techniques and well-written email messages crafted to scam the upper level of executives as stated by the report. The researchers think about 200 of these types of schemes are already done by this group, and some will continue into July.

    In about 3/4th of the BEC attacks that were examined by Agari, it was found that the gang was looking to lure those with titles like the managing director, vice president, or general manager. In most cases, it attacks were on organizations that lack security authentication checks and protections, which include reporting and conformance, domain-based message authentication, or DMARC. The report reveals that this gang always sends emails that replicate the CEO’S profile.

    Cosmic Lynx sophisticated operation

    As of July 2019, these fraudsters show themselves to be representatives from a company located in Asia that are working with a known company to transact payments for potential owners. The members of these gangs have hijacked the ownership of legal law firms that are located in the UK—posing as external legal counsels that are working on a fictitious deal, as stated by the report. Agari has also revealed that they aims to make the executives of these companies their targets to move  funds to bank accounts in Eastern Europe or Hong Kong, which are handled by these criminals.

    Cosmic Lynx tactics

    These criminals do make research by using commercial services to build a list of people to get their emails that will replicate other executives and start manipulating data as revealed by the report. They have come up with ways of moving past email protection tools like DMARC.

    Cosmic Lynx Russia ties

    It seems cosmic Lynx is one of the first organized Russia based groups that has expanded into the BEC fraud if we are to go by Agari report.

    Recent Articles

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox

    [tdn_block_newsletter_subscribe input_placeholder="Email address" btn_text="Subscribe" tds_newsletter2-image="730" tds_newsletter2-image_bg_color="#c3ecff" tds_newsletter3-input_bar_display="" tds_newsletter4-image="731" tds_newsletter4-image_bg_color="#fffbcf" tds_newsletter4-btn_bg_color="#f3b700" tds_newsletter4-check_accent="#f3b700" tds_newsletter5-tdicon="tdc-font-fa tdc-font-fa-envelope-o" tds_newsletter5-btn_bg_color="#000000" tds_newsletter5-btn_bg_color_hover="#4db2ec" tds_newsletter5-check_accent="#000000" tds_newsletter6-input_bar_display="row" tds_newsletter6-btn_bg_color="#da1414" tds_newsletter6-check_accent="#da1414" tds_newsletter7-image="732" tds_newsletter7-btn_bg_color="#1c69ad" tds_newsletter7-check_accent="#1c69ad" tds_newsletter7-f_title_font_size="20" tds_newsletter7-f_title_font_line_height="28px" tds_newsletter8-input_bar_display="row" tds_newsletter8-btn_bg_color="#00649e" tds_newsletter8-btn_bg_color_hover="#21709e" tds_newsletter8-check_accent="#00649e" embedded_form_code="YWN0aW9uJTNEJTIybGlzdC1tYW5hZ2UuY29tJTJGc3Vic2NyaWJlJTIy" tds_newsletter="tds_newsletter1" tds_newsletter3-all_border_width="2" tds_newsletter3-all_border_color="#e6e6e6" tdc_css="eyJhbGwiOnsibWFyZ2luLWJvdHRvbSI6IjAiLCJib3JkZXItY29sb3IiOiIjZTZlNmU2IiwiZGlzcGxheSI6IiJ9fQ==" tds_newsletter1-btn_bg_color="#0d42a2" tds_newsletter1-f_btn_font_family="406" tds_newsletter1-f_btn_font_transform="uppercase" tds_newsletter1-f_btn_font_weight="800" tds_newsletter1-f_btn_font_spacing="1" tds_newsletter1-f_input_font_line_height="eyJhbGwiOiIzIiwicG9ydHJhaXQiOiIyLjYiLCJsYW5kc2NhcGUiOiIyLjgifQ==" tds_newsletter1-f_input_font_family="406" tds_newsletter1-f_input_font_size="eyJhbGwiOiIxMyIsImxhbmRzY2FwZSI6IjEyIiwicG9ydHJhaXQiOiIxMSIsInBob25lIjoiMTMifQ==" tds_newsletter1-input_bg_color="#fcfcfc" tds_newsletter1-input_border_size="0" tds_newsletter1-f_btn_font_size="eyJsYW5kc2NhcGUiOiIxMiIsInBvcnRyYWl0IjoiMTEiLCJhbGwiOiIxMyJ9" content_align_horizontal="content-horiz-center"]