The hacking teams that perform BEC attacks, have begun to become more aggressive and dangerous. The average amount that a BEC team tries to steal from a targeted one company is about $ 80.000 per attack, According to a report published yesterday.
In accordance with Anti-Phishing Working Group (APWG), a team of 2.200 government cyber security organizations services, law enforcement agencies and non-governmental organizations, the number is over $ 54.000, the average amount that BEC teams tried to receive in the first quarter of 2020.
The APWG publishes quarterly reports on phishing attacks from 2004.
Most of these reports are usually focused on e-mail Phishing attacks, focusing on theft credentials connection and distribution malware. However, since the mid-2010s, BEC attacks are becoming more common in APWG reports. BEC attacks are one of the most common threats in recent years.
The scams BEC or Business Email Compromise (BEC), usually start with phishing email sent to employee of a company. The ultimate goal is to trick the employee into paying fake invoices or transferring money to account controlled by the invaders.
In recent years, there have been many criminal groups involved in BEC fraud. Some groups aim to make hundreds of millions of dollars, but most do usually ask for small sums to prevent companies from launching investigations and legal action. Of course, the amounts are enough to have a lot of revenue.
However, according to the security company Agari, who is a member of the APWG, in the 2nd quarter of 2020, a team performing BEC appeared attacks and asks for huge sums of money. This is a newly formed team from Russia, called Cosmic Lynx.
According to a previous Agari report, Cosmic Lynx appeared in July 2019 and has targeted 46 entities on six continents as part of 200 different hacking campaigns. The group is special because it is based in Russia (ie outside West Africa, where most BEC gangs are located) but also for attacks and for the amounts he seeks.
"The average amount requested by Cosmic Lynx in its attacks is $ 1,27 million", Said Agari in the APWG report.
This makes Cosmic Lynx stand out from the vast majority of other BEC teams, who are content to raise a few thousand dollars so as not to arouse the interest of the authorities.
However, the new Cosmic Lynx team does not seem to be afraid of persecution, or at least persecution in the West countries, and tries to trick companies into sending huge sums of money.
Ο Crane Hassold, Senior Director of Research at Agari, believes that more and more BEC teams will appear in Russia because Russian authorities protect hacking groups from persecution in Western countries.
In addition, the benefits for Russian hacking groups are very obvious as well social engineering is more efficient and effective than the more complex and expensive malware attacks.
The predictions of the Agari executive are grounded, as the BEC attacks bring several gains to the attackers. The FBI reported that BEC scams accounted for half of the losses reported in 2019 ($ 1,77 billion out of a total of $ 3,5 billion).