Sign In

Communications of the ACM

ACM TechNews

Phishing Attacks: This Sophisticated Group Has Been Operating Undiscovered for at Least a Year


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Going phishing.

A newly uncovered phishing group is thought to be the first major scam gang of its type operating out of Russia, indicating a potential shift in the cyber-threat landscape.

Credit: Bankinfosecurity.com

Cybersecurity researchers at the Agari security firm have found a new phishing group targeting large companies worldwide, which may have been operating undiscovered for at least a year.

Cosmic Lynx is the first business email compromise (BEC) organization of its kind operating out of Russia, and it has targeted individuals in 46 countries across six continents.

Cosmic Lynx combines research on target companies and their executives alongside two spoof email chains sent to victims that touch on current events, including the coronavirus pandemic.

Agari's Crane Hassold said this indicates "that more advanced attackers are realizing the return on investment for BEC attacks is significantly greater than more technically sophisticated email-based attacks."

Cosmic Lynx is also developing more refined BEC attacks—using messages featuring businesses and financial terms used in the proper context—that are harder for potential targets to detect.

From ZDNet
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account