Business Email Compromise (BEC) Criminal Ring

2020-07-10 11:12

Dubbed Cosmic Lynx, the group has carried out more than 200 BEC campaigns since July 2019, according to researchers from the email security firm Agari, particularly targeting senior executives at large organizations and corporations in 46 countries.

Rather than use free accounts, Cosmic Lynx will register strategic domain names for each BEC campaign to create more convincing email accounts.

Cosmic Lynx also has a strong understanding of the email authentication protocol DMARC and does reconnaissance to assess its targets' specific system DMARC policies to most effectively circumvent them.

The fake lawyer will email the same executive that the "CEO" wrote to, often in a new email thread, and share logistics about completing the transaction.

Unlike most BEC campaigns, in which the messages often have grammatical mistakes or awkward wording, Cosmic Lynx messages are almost always clean.

News URL

https://www.schneier.com/blog/archives/2020/07/business_email_.html

#compromise #criminal #email

News URL

Related news