PREDICTIVE INTELLIGENCE
�
But the grift doesn ’ t end there . Cosmic Lynx members also impersonate a legitimate attorney for added credibility .
was shipped and payment was made to the unscrupulous cybercriminal ’ s bank account in Hong Kong .
As it stands , Rijksmuseum Twenthe is holding on to the painting pending the outcome of lawsuits and countersuits , with each party ( some might say correctly ) accusing the other of negligence .
Cosmic Lynx
With such lucrative potential rewards on offer , it did not take long for sophisticated criminal gangs to appear on the BEC scene . One such , Cosmic Lynx , was officially uncovered in the summer of 2020 , though cybersecurity researchers believe they were active for at least a year before .
The group has targeted at least 200 multinational organisations in 46 countries , and counting . As well as its focus on high-value targets and sizeable payoffs , Cosmic Lynx is known for its complex dual impersonation tactic .
The criminal collective seeks out organisations without DMARC authentication that are close to taking over or merging with another company . The lack of DMARC allows them to impersonate company executives with relative ease .
But the grift doesn ’ t end there . Cosmic Lynx members also impersonate a legitimate attorney for added credibility . An email is then sent from the compromised executive ’ s account asking an employee with the relevant authority to liaise with the imposter attorney and process the payment for the deal .
The average payment requested by the group is US $ 1.27 million , much higher than the amounts asked for by most BEC criminal gangs .
How to brace for BEC
As the examples above show , BEC attacks come in many forms , perpetrated by both opportunistic individuals and well-organised criminal enterprises . But while it is crucial to keep up to speed with the current threat landscape , there are several effective solutions that can help to protect your organisation whatever the methods and motives of an attack .
The first is robust email protection capable of analysing and filtering malicious message content before it lands in your inbox . DMARC is also a must . By authenticating legitimate domains , DMARC helps to prevent spoofed emails from reaching their intended target .
Once in place , emails from your domains can only be sent from permitted and authenticated servers . Most importantly , DMARC acts as a deterrent , with many cybercriminals setting their sights on
34 www . intelligentciso . com