Communications of the ACM
Phishing Attacks: This Sophisticated Group Has Been Operating Undiscovered for at Least a Year
A newly uncovered phishing group is thought to be the first major scam gang of its type operating out of Russia, indicating a potential shift in the cyber-threat landscape.
Credit: Bankinfosecurity.com
Cybersecurity researchers at the Agari security firm have found a new phishing group targeting large companies worldwide, which may have been operating undiscovered for at least a year.
Cosmic Lynx is the first business email compromise (BEC) organization of its kind operating out of Russia, and it has targeted individuals in 46 countries across six continents.
Cosmic Lynx combines research on target companies and their executives alongside two spoof email chains sent to victims that touch on current events, including the coronavirus pandemic.
Agari's Crane Hassold said this indicates "that more advanced attackers are realizing the return on investment for BEC attacks is significantly greater than more technically sophisticated email-based attacks."
Cosmic Lynx is also developing more refined BEC attacks—using messages featuring businesses and financial terms used in the proper context—that are harder for potential targets to detect.
From ZDNet
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found