Why target an individual when you can go to more lucrative targets like large MNCs and achieve greater rewards? That is what this group of cyber criminals is doing right now! A Russian cyber criminal group called Cosmic Lynx has been launching numerous Business Email Compromise (BEC) attacks targeting several MNCs. Especially the companies that are listed in Fortune 500 or Global 2000!
Information on Cosmic Lynx
Cosmic Lynx is a polished cyber criminal group that has launched around 200 BEC campaigns targeting large MNCs worldwide. They have been active since 2019, creating havoc specifically in 46 countries across six continents. The group impersonates C-level executives of companies that are listed in Fortune 500 or Global 2000 to trick the employees.
According to the article from Computer Weekly, Cosmic Lynx’s method of targeting the victim involves a dual impersonation scheme. The first is to impersonate a CEO of an organization and pretend to expand the business operations in Asia. They reach out to the target employee to approach external legal counsel for the acquisition payments.
Next, they impersonate as a legitimate U.K.-based law firm lawyer to facilitate the transaction. In order to receive the stolen funds, they use Hong kong-based mules but sometimes they also work with others like from Portugal, Hungary, and Romania.
On average, they receive an amount of $55000 in U.S. currency. However, they ask for an amount of hundreds of thousands or even millions of dollars from the target. The scary part of the group is they can even exploit DMARC controls to spoof legitimate email addresses. This gives them the ability to be concealed and get around the security systems that may otherwise reject or quarantine the emails.
How to Prevent These Deadly BEC Attacks?
It sounds alarming when cyber criminals can bypass security measures in order to steal our valuable information and money. But this is not a surprising fact, every organization has cyber security protocols implanted. However, cyber criminals are growing more sophisticated and coming up with new techniques and tactics to penetrate the security walls.
So, organizations should stop relying on obsolete IT infrastructure and basic cyber security protocols. Conversely, organizations should come up with more comprehensive security measures that are more complicated and sophisticated. In short, organizations should come up with a method that should prevent these destructive BEC attacks from harming the organization and its employees in any form.
Here are some effective email security solutions to prevent against BEC attacks:
- Avoid emails from unknown parties: The safest way to avoid the risks is to not open the emails from an unknown source in the first place. Before opening an email, employees should always check the sender’s address carefully. To look for any difference that might be a sign of spoofed email.
- Check before you click the link: Keep in mind that hackers can disguise the links in emails using an anchor text. However, you can hover over the link to find out the destination. So, investigate the link to make sure it’s legitimate before you click on it.
- Avoid downloading attachments: Attachments are one of the most common methods to spread malware through emails. Attachments from unknown sources must never be opened or downloaded. It is advisable to always scan every attachment before downloading even if it’s the one you were expecting.
- Use a company domain: Using free web-based email accounts for your business makes it easier for malicious actors to spoof the address. It is highly recommended that you create a company domain and use it for your email account. Cyber criminals may still try to impersonate your address, however, employees will be able to spot incorrect email or inconsistencies.
- Email authentication: Using email authentication standards, such as SPF, DKIM, and DMARC, secure you against email domain forgery. Implement email authentication tools like KDMARC. It monitors SPF, DKIM, and DMARC to ensure that your email domain is safe against domain forgery.
KDMARC is a GCA certified email authentication protocol that gives your organization the ability to control the emails that are flowing through the domain. Also, it lets you determine whether outbound emails from your domain that fail DMARC authentication should end in the recipient’s inbox, spam, or either bounced back. Hence, it also boosts email engagement rates.
It’s Time Now to Decide and Perform
Either it is Cosmic Lynx or any other cyber criminal group, impersonation of your email domains can harm your organization in different ways. It can be lost in terms of money or abusing your brand and domain reputation. It also harms the customers’ trust who are completely relying on your services and chooses your business above all.
Therefore, it is crucial organizations implement robust cyber security measures in order to defend email domain forgery. So keeping that in mind, It should be mandatory for every organization to protect the business, employees and valuable customers. To do so, the only way is to keep up with the security measures and be one step ahead from the malicious actors.
Click the button below to secure your email domain against spoofing for FREE with KDMARC!