
A vicious gang of Business Email Compromise (BEC) hack into people’s email accounts and send messages to their contacts claiming that the owner of the account must send a gift to a sick friend in an attempt to manipulate people into send gift cards online.
Detailed by cybersecurity researchers at Abnormal Security, a group of organized cybercriminals – dubbed Lilac Wolverine – have come up with techniques that tug at people’s hearts.
They include false claims that the gift cards are for people who have been diagnosed with or have lost loved ones to serious illnesses, with the claim that they cannot purchase because their bank card is missing or because that they are abroad. .
Gift cards are requested from well-known brands like Apple, Amazon and Google Play, with amounts ranging from $100 to $500.
In what the researchers describe as an “extremely high attack volume” and “one of the most prolific BEC campaigns” today, one of the things that makes it more realistic for victims – and therefore potentially more effective for scammers – is hacking into real email accounts.
According to the researchers, this is likely achieved with phishing attacks, using passwords leaked in a previous data breach, or simply because the password securing the account is common or reused.
But once an email address is successfully compromised, attackers don’t use the account itself to send BEC campaigns.
Also: Security Researcher Easily Caught My Passwords and More: How My Digital Fingerprints Left Me Surprisingly Overexposed
Instead, they copy the victim’s address book and create a similar account, using the same name and username, or if not available, making very subtle changes, often imperceptible. Attackers use free webmail services to set up these accounts.
It is these newly generated email accounts that are used to send BEC phishing lures to the contacts of the first victim – they are designed to look at the real account and they come from the real address, but the reply address is that of the newly created account used by scammers.
Setting up one of these accounts sounds complicated, but it means there’s less chance that the victim of the initial account hack will notice anything is wrong.
“They’re probably using a separate look-alike account so the owner of the compromised account isn’t alerted if and when someone replies to an email they didn’t send. Instead, all replies go to the lookalike account controlled by the attacker,” Crane Hassold, director of threat intelligence at Abnormal Security, told ZDNET.
Ultimately, by making the BEC email look like it’s coming from someone the targets know, rather than a stranger or a vague contact address, attackers are more likely to succeed. to scam the victims.
This is also achieved by not bringing up the idea of needing a gift card in the initial email, which seems innocuous enough, asking recipients if they want to catch up, asking for a favor or asking where they shop online.
Only if the victim replies to the initial fake email will the scammers send an additional message asking for a gift card.
Also: Your biggest cybercrime threat has almost nothing to do with technology
It is here that they attempt to emotionally manipulate the victims, using claims of bank cards not working and needing to urgently buy a present for someone struggling with serious illnesses.
“The pretexts the group uses in its BEC campaigns are intended to elicit an emotional response that it hopes will persuade a target to comply with its demand,” Hassold said.
“Like other gift card BEC attacks, since the target population is considerably larger than other types of attacks, their success rate does not need to be as high to achieve a good return on investment. on their campaigns,” Hassold said.
It is believed that the campaign is still active and that people should be made aware of the telltale signs of BEC gift card scams. These include unexpected urgent requests — particularly if they try to use emotional topics that require quick action — and messages that don’t appear to be from who they say they are from.
If you are unsure whether the message is real, you should, if possible, verify with the person sending it by calling them on the phone or checking with them in person.
And to prevent your email from being misused to send BEC scams to your contacts, it is recommended that you use a strong password and multi-factor authentication to protect your account.
LEARN MORE ABOUT CYBERSECURITY
#cruel #email #hacking #gang #aims #shoot #heart #steal #money