[Heads Up] The First-Ever Russian BEC Gang, Cosmic Lynx, Was Uncovered. They Spear Phish Multinational & Fortune 500 Senior Executives

iStock-186408720“This is a historic shift to the global email threat landscape and portends new and sophisticated social engineering attacks that CISOs around the world must brace for now,” according to researchers with Agari, who published a Tuesday analysis on the new phishing threat group.

While many BEC groups are relatively target-agnostic, Cosmic Lynx has a well-defined victim profile, the Agari researchers say. It hunts out large, multinational organizations with a significant global presence, including many Fortune 500 or Global 2,000 companies. The target employees of Cosmic Lynx schemes are typically senior-level executives, with 75 percent holding the titles of vice president, general manager or managing director.

cosmic-lynx-2-1024x493. Credit AgariResearchers warn that Cosmic Lynx targets firms that don’t use DMARC and uses a “mergers and acquisitions” pretext that can lead to large sums of money being stolen.

The BEC gang has been associated with more than 200 BEC campaigns targeting senior-level executives in 46 countries since last July. The threat group sets itself apart from other run-of-the-mill BEC scams in that it uses extremely well-written emails, targets victims without DMARC policies and leverages a fake “merger-and-acquisition” scenario that allows it to steal larger sums of money from victims.

It is crucial to train your executives and their immediate surroundings against attack like this. A quick query in the KnowBe4 ModStore shows 51 training modules that you can use for this:


See them for yourself in your free-access Modstore account.

The world's largest library of security awareness training content is now just a click away!

In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world's largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.

You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.

ModStore01-1The ModStore Preview includes:

  • Interactive training modules
  • Videos
  • Trivia Games
  • Posters and Artwork
  • Newsletters and more!

Start Your Preview

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews