• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » scam » Russian Cyber Criminals Targeted Companies in 40 Countries

Russian Cyber Criminals Targeted Companies in 40 Countries

2020-07-13 by Max

Russia BEC Scam

Cosmic Lynx Group Using BEC Scams to Steal from Corporations

Russian cybercriminals are targeting corporations across 40 countries in an ongoing business email compromise  (BEC) attack. The cyberattack attempts to trick victims into paying a fraudulent invoice for a fake business acquisition. If the invoice is paid, the money is transferred to a bank account in Hong Kong or Eastern Europe that is controlled by the threat actors.

The Russian based cybercriminals, named Cosmic Lynx Group, have been targeting hundreds of large, multinational corporations in over 40 countries since 2019, according to cyber security firm Agari.

Cosmic Lynx  seems to choose targets based on their job title. The messaging in the attacks impersonates a payment processing company. The target is directed to send payments two accounts controlled by Cosmic Lynx.

Motley Fool

The Russian fraudsters use social engineering to obtain the names and job titles of corporate employees. The employees are then targeted with a spearfishing phishing email message that asks them to pay a fake business-related invoice. if the target is fooled by the messaging in the phishing email, the money is transferred away from the corporation to bank accounts in Hong Kong, Hungary, Portugal, or Romania that are controlled by the hackers. The target employee maybe even asked to split up payments across multiple accounts to avoid supposed daily limits on wire transfers.

Cosmic Lynx uses an impersonation scheme. The messaging in their initial email impersonates the target company’s own CEO.  The email introduces an appointed legal firm in the UK and the employee is instructed to work with them for payments concerning a business acquisition. A second impersonation scheme uses the identity of the UK law firm to request the payments.

READ: Top 9 Cyber Threats for Businesses

About 75 percent of the attacks targeted upper level employees with the titles of vice president, general manager, or managing director.

“In many cases, Cosmic Lynx targets organizations that lack security protections and authentication checks, such as the Domain-based Message Authentication, Reporting and Conformance – or DMARC. The gang often sends emails that spoof the CEO’s profile, according to the report.”

What is a BEC scam?

A business email compromise, or BEC scam, is a type of cyber attack where the fraudster sends a simple email with the intentions of stealing money, credentials, or sensitive data. Frequently the threat actor sends a highly targeted phishing email to someone in a business who is capable of paying invoices or transferring money. The threat actors have usually done some work ahead of time – generally through social engineering – to identify the name, title, and contact information the target. They send highly crafted emails which seem plausible and familiar to the recipient . For example, the threat actor may send an invoice that claims to be originating from a company or an industry that the recipient is accustomed to doing business with. Because the contents of the email appears familiar, the recipient is more likely to follow the instructions in the email without taking the time to scrutinize the sender or the request.

This type of scam is far more lucrative then setting up a malware attack.

According to the FBI, financial losses due to BEC attacks increased 37% 2019. BEC tax account for 40% of all cybercrime losses last year .

Filed Under: scam Tagged With: BEC, Russia

About Max

Max is a Data Privacy Coordinator at a major global law firm and a science fiction author residing in the Philadelphia area. He has been writing for https://www.askcybersecurity.com since early 2017.


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version