New Sophisticated “Exaggerated Lion” BEC Check Scam Uses Mules to Cash Out



Scam Alert written on the road-2You may wonder exactly how BEC scammers see a payday. New insight from security vendor Agari documents how a secondary check scam dupes unsuspecting victims to help.

From April to October of 2019, the African-based cybercriminal group known as “Exaggerated Lion” ran a set of business email compromise (BEC) attacks tricking mostly Accounts Payable employees at over 2,100 companies into fraudulently sending money to alternate bank accounts.

What makes this set of attacks so interesting is the bank accounts aren’t controlled by Exaggerated Lion. Instead, this same group has been grooming a network of trusted mules – people who are duped into helping with moving money without question – since 2017. The monies resulting from BEC attacks are placed into a mule’s bank account and the mule then cashes the cybercriminal group out. The mules are individuals that have fallen for romance scams (so they believe they are helping their long-distance love) or a fast money business scam (where the individual is paid a fee for processing the check and passing along the majority of the funds back to what they believe is a legitimate business).

This attack is a perfect example of the extent to which cybercriminals will go to achieve their goal of stealing money. But, in both the case of the BEC scam and the mule scam, social engineering is used. And in the case of the BEC scam, spearphishing is the attack vector.

It important to remember, the mules only exist because the 2,100 companies fell for a BEC scam. Organizations utilizing Security Awareness Training are less susceptible to these kinds of scams, as their employees are aware of them in the first place, and are taught how to spot a scam a mile away.

While Agari has taken steps with the authorities to identify and close out mule-owned bank accounts, Exaggerated Lion continues their BEC efforts.


Get Your CEO Fraud Prevention Manual

CEO-Fraud-PagesCEO fraud has ruined the careers of many executives and loyal employees. Don’t be the next victim. This manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.

Get Your Manual

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/ceo-fraud-prevention-manual

Subscribe To Our Blog


Ransomware Has Gone Nuclear Webinar




Get the latest about social engineering

Subscribe to CyberheistNews