Business Email Compromise Groups Springing up in New Locations
The Business Email Compromise (BEC) attacks are one the rise globally as new fraud gangs are emerging to trick firms into handing over money. Recently, a security company Agari has detected and analyzed new waves of BEC activities across the globe.
What was discovered?
As corporate phishing scams have become more lucrative, BEC attackers have significantly increased their footprint in the U.S., South Africa, the U.K, and other countries around the world.
- According to the Agari report, BEC scammers have been seen actively targeting new regions, including Eastern Europe and Russia.
- Nearly half the BEC scammers are based in the five U.S. states – California, Florida, Georgia, New York, and Texas. Additionally, BEC attacks have been detected in 45 states across the U.S. in total.
The lure of BEC attacks
Cybercriminals have been brazenly attempting to trick companies into sending over huge payments. The profit from BEC attacks has become more palpable and alluring for new gangs.
- Another recent report indicates that the first documented Russian BEC group Cosmic Lynx has been aiming an astounding $1.27 million in its attacks, as first identified in July.
- According to the report, the average wire transfer attempted in the second quarter of 2020 was $80,183, up notably from $54,000 in the first quarter.
Recent BEC incidents
Over the course of the past few months, multiple cybercriminals have engaged themselves in BEC scams to gain large sums of money.
- In September, cybercriminals had netted at least $15 million in a business email scam campaign in the U.S.A, affecting over 150 organizations ranging from law, construction, finance, and retail.
- Trading firm Virtu Financial had disclosed in August that it lost $6.9 million in a business email compromise scam in May.
The bottom line
The scope of the targeted geographical distribution of BEC scammers is expanding rapidly and has extended to much larger areas than it was just a few years ago. This means that cyber criminals are growing and becoming more diversified and making new hubs for BEC activities.