Sunday, January 24, 12:45
Home security BEC attacks: Hacking team demands $ 1,27 million from victims

BEC attacks: Hacking team demands $ 1,27 million from victims

The hacking teams that perform BEC attacks, have begun to become more aggressive and dangerous. The average amount that a BEC team tries to steal from a targeted one company is about $ 80.000 per attack, According to a report published yesterday.

In accordance with Anti-Phishing Working Group (APWG), a team of 2.200 government cyber security organizations services, law enforcement agencies and non-governmental organizations, the number is over $ 54.000, the average amount that BEC teams tried to receive in the first quarter of 2020.

The APWG publishes quarterly reports on phishing attacks from 2004.

Most of these reports are usually focused on e-mail Phishing attacks, focusing on theft credentials connection and distribution malware. However, since the mid-2010s, BEC attacks are becoming more common in APWG reports. BEC attacks are one of the most common threats in recent years.

The scams BEC or Business Email Compromise (BEC), usually start with phishing email sent to employee of a company. The ultimate goal is to trick the employee into paying fake invoices or transferring money to account controlled by the invaders.

In recent years, there have been many criminal groups involved in BEC fraud. Some groups aim to make hundreds of millions of dollars, but most do usually ask for small sums to prevent companies from launching investigations and legal action. Of course, the amounts are enough to have a lot of revenue.

Cosmic Lynx

However, according to the security company Agari, who is a member of the APWG, in the 2nd quarter of 2020, a team performing BEC appeared attacks and asks for huge sums of money. This is a newly formed team from Russia, called Cosmic Lynx.

According to a previous Agari report, Cosmic Lynx appeared in July 2019 and has targeted 46 entities on six continents as part of 200 different hacking campaigns. The group is special because it is based in Russia (ie outside West Africa, where most BEC gangs are located) but also for attacks and for the amounts he seeks.

"The average amount requested by Cosmic Lynx in its attacks is $ 1,27 million", Said Agari in the APWG report.

This makes Cosmic Lynx stand out from the vast majority of other BEC teams, who are content to raise a few thousand dollars so as not to arouse the interest of the authorities.

However, the new Cosmic Lynx team does not seem to be afraid of persecution, or at least persecution in the West countries, and tries to trick companies into sending huge sums of money.

Ο Crane Hassold, Senior Director of Research at Agari, believes that more and more BEC teams will appear in Russia because Russian authorities protect hacking groups from persecution in Western countries.

In addition, the benefits for Russian hacking groups are very obvious as well social engineering is more efficient and effective than the more complex and expensive malware attacks.

The predictions of the Agari executive are grounded, as the BEC attacks bring several gains to the attackers. The FBI reported that BEC scams accounted for half of the losses reported in 2019 ($ 1,77 billion out of a total of $ 3,5 billion).


Please enter your comment!
Please enter your name here

Digital Fortress
Pursue Your Dreams & Live!


Signal: How to check if your messages are private and secure?

The Signal messaging application has suddenly gained a large number of new users, which is due to the recent "scandal" of WhatsApp, which announced ...

Instagram: How to enable notifications for specific profiles

There are some profiles on Instagram where you want to see the content they publish as soon as possible - it can be a news ...

NASA's historic launch pad is to be demolished

NASA's famous Mobile Launcher Platform-2 launch platform, which has been linked to the Apollo and Space Shuttle missions, ...

Elon Musk: Gives $ 100 million for best CO2 capture technology Ο Elon Musk δήλωσε χθες, στο λογαριασμό του στο Twitter, ότι σκοπεύει να δώσει 100 εκατομμύρια...

How can you unblock sites and services using a VPN?

The Internet is free and open to all. However, there are some sites and services whose content is blocked, which ...

Google Chrome: How to manage your extensions?

Google Chrome extensions can be very useful, as they improve your productivity when using the browser.

Intel CPUs Review: Core i7-10700 vs Core i7-10700K!

Over the years, the Intel series of processors (CPUs) introduced the series of overclocking models "K" and more recently the series ...

The DeLorean can return as an electric car

The DMC DeLorean has been out of production for almost 40 years, but it looks like the iconic vehicle will return as an electric car.

Windows RDP servers are used to support DDoS

Cybercrime gangs are abusing Windows Remote Desktop Protocol (RDP) systems to reinforce the unwanted ...

SEPA: He refused to pay a ransom and thousands of files were leaked

Thousands of stolen files of the Scottish Environmental Protection Agency (SEPA) have been published by hackers, after the organization refused to pay the ransom ...