Introduction to BEC attacks
The term “business email compromise” (BEC) refers to the use of email fraud with the aim to accomplish malicious purposes. BEC attacks usually rely on the lack of information security awareness of the employees of the targeted organizations. These employees often open malicious attachments and visit malicious web pages without any security precautions.
BEC attacks are widely spread. Just within the time period between 2016 and 2018, fraudsters succeeded to make more than $5 billion from BEC attacks. As a result of the popularity of the BEC attacks, many organizations started carefully scrutinizing their email correspondence in order to identify and neutralize malicious messages. This, in turn, pushed cyber-attackers to develop new and sophisticated forms of BEC scams that are difficult to detect. For example, the Russian hacker group Cosmic Lynx relies on very well-written and highly customized fraudulent emails which have a high potential for misleading the recipient.
In this article, we will examine in detail the sophisticated BEC attacks initiated by the Russian group Cosmic Lynx. Afterwards, we will provide guidelines on how to avoid advanced BEC attacks.
