Monday, March 1, 14:13
Home security BEC phishing attacks: New hacking team targets large companies

BEC phishing attacks: New hacking team targets large companies


A new hacking-phishing team, targeting large Companies worldwide, was recently discovered. The BEC (Business email compromise) scams can be extremely lucrative for criminals. The victims can lose hundreds of millions of dollars a month if they are deceived and send money to accounts belonging to Criminals.

The hacking team was discovered and analyzed by the security company Agari. The researchers named it Cosmic Lynx. Phishing campaign has targeted people in 46 countries, on six continents. The team studies target organizations and their executives well and sends phishing emails for current issues such as COVID-19.

Researchers say the infrastructure behind the phishing business is linked to the campaigns Trickbot and Emotet, however, several changes have been made.

It is important that a criminal group turns to BEC attacks. This means that more and more hackers are realizing that they are worth investing in attacks because they can be more profitable than others, which are also based on emails.

“Unlike traditional BEC teams, Cosmic Lynx can develop much more complex and creative attacks which sets them apart from other more general BEC attacks we see every day, ”said Crane Hassold, director of research at Agari.


In most cases, the individuals targeted hacking team, it is high-ranking company executives (vice presidents, general managers, etc.). The attack starts with me phishing emails, which appear to come from the CEO of the target company.

In almost all cases, the original phishing emails describe it in detail supposed acquisition of an Asian company. The assailant tells the victim that it is a secret case and that he should not say anything to anyone else.

Researchers note that unlike other BEC attacks, the emails are well written and contain business and financial terms.

After the initial phishing email, the "CEO" sends e-mail and in one lawyer to help complete the financial transaction. Emails from the "lawyer" are also sent by Cosmic Lynx.

"It is very rare for a BEC team to make a double face. This shows the extra effort that Cosmic Lynx makes on attacks "to make them more realistic," said Hassold.

After the involvement of the "lawyer", the victim is usually persuaded to transfers hundreds of thousands or even millions of dollars to Hong Kong accounts, which end up in the hands of fraudsters.

Researchers believe the team carries out phishing campaigns for at least a year. It is not possible to say how many organizations have fallen victim to BEC attacks or how much money criminals have made. However, the campaign is still active.

If someone thinks they may be the target of a BEC phishing attack, It is a good idea to contact the person from whom the email appears to be coming. As we said, the attacker represents an accomplice or even a known one. Therefore, there must be communication to confirm that the email actually came from him.  


Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortress
Pursue Your Dreams & Live!


Mageia 8: The new Linux distribution brings a lot of new updates

The team behind the Mageia distribution, after a year and a half of development, released a stable version of Mageia 8. It will receive support ...

Uber is accused of asking "sophisticated questions" to drivers

Uber is accused of using "sophisticated questions" in an investigation it sent to drivers, after a court ruling ruled that the company ...

How often do you make security updates on your mobile?

After the recent revelation of Samsung, that it will give its phones security updates for four years, it makes sense for some to wonder ...

SEC investigation into Elon Musk for Dogecoin tweets Σύμφωνα με πληροφορίες, ο Διευθύνων Σύμβουλος της Tesla Elon Musk, βρίσκεται για ακόμα μια φορά κάτω...

YouTube Shorts is in beta in the United States

TikTok has caused a huge change in the field of social media. He managed to spread the meaning of short videos, and he did ...

Chrome: The sites will open in desktop mode on large Android tablets

Google Chrome is experimenting with a new feature that will automatically open web pages in desktop mode on an Android tablet that have several ...

Stalkerware: Russia, Brazil and the US were most affected in 2020

New research from the cyber security company "Kaspersky" points out that Russia, Brazil and the USA were the countries that were most affected ...

Why is the trend of selfie pop-up cameras being lost?

In recent years, technology companies have made bezels (also known as hoops) as thin as possible. In this way,...

Gab: Data from far-right users of the platform leaked

It was about a month and a half ago when Twitter and other major social networking platforms banned Donald Trump and other users with ...

T-Mobile: The company's customers received SIM swapping attacks!

The telecommunications provider "T-Mobile" revealed that it suffered data breach, after realizing that some of its customers were victims of SIM swapping attacks ....