“This is a historic shift to the global email threat landscape and portends new and sophisticated social engineering attacks that CISOs around the world must brace for now,” according to researchers with Agari, who published a Tuesday analysis on the new phishing threat group.
While many BEC groups are relatively target-agnostic, Cosmic Lynx has a well-defined victim profile, the Agari researchers say. It hunts out large, multinational organizations with a significant global presence, including many Fortune 500 or Global 2,000 companies. The target employees of Cosmic Lynx schemes are typically senior-level executives, with 75 percent holding the titles of vice president, general manager or managing director.
Researchers warn that Cosmic Lynx targets firms that don’t use DMARC and uses a “mergers and acquisitions” pretext that can lead to large sums of money being stolen.
The BEC gang has been associated with more than 200 BEC campaigns targeting senior-level executives in 46 countries since last July. The threat group sets itself apart from other run-of-the-mill BEC scams in that it uses extremely well-written emails, targets victims without DMARC policies and leverages a fake “merger-and-acquisition” scenario that allows it to steal larger sums of money from victims.
It is crucial to train your executives and their immediate surroundings against attack like this. A quick query in the KnowBe4 ModStore shows 51 training modules that you can use for this:
See them for yourself in your free-access Modstore account.