Cybersecurity researchers at the Agari security firm have found a new phishing group targeting large companies worldwide, which may have been operating undiscovered for at least a year.
Cosmic Lynx is the first business email compromise (BEC) organization of its kind operating out of Russia, and it has targeted individuals in 46 countries across six continents.
Cosmic Lynx combines research on target companies and their executives alongside two spoof email chains sent to victims that touch on current events, including the coronavirus pandemic.
Agari's Crane Hassold said this indicates "that more advanced attackers are realizing the return on investment for BEC attacks is significantly greater than more technically sophisticated email-based attacks."
Cosmic Lynx is also developing more refined BEC attacks—using messages featuring businesses and financial terms used in the proper context—that are harder for potential targets to detect.
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA