Page 18 - GS200301
P. 18
Views
with BEC attacks and cashed out their booty often using
Insider’sreport gift cards, but with increasing frequency, paper checks.
Dubbed Exaggerated Lion, the group is made up of bad
on payments actors spread around multiple African countries, including
Ghana, Kenya and Nigeria.
Old meets new with The group uses Google's G Suite to maximize the number
of phishing emails sent on any one day, Agari reported –
2,000 versus a limit of 500 a day using traditional Gmail
BEC cash-outs accounts. BEC rings employ "mules" to cash out their frauds.
The mules, who usually keep a fraction of the money for
their efforts, can be witting or unwitting participants in the
By Patti Murphy scams. Often, fraudsters enlist and manipulate individuals
to be mules through "romance" or "work at home" scams,
ProScribes Inc. according to Agari and the FBI.
raud is a perpetual threat to banks and their Agari said it handled 200 investigations involving
business clients. And while the marketplace is Exaggerated Lion in the space of four months last year,
getting better at detecting fraud incidents before and one thing that stood out was the group's use of
F they turn to losses, new threats are constantly physical checks to cash out pilfered funds The "low tech"
emerging. One troubling new trend is the proliferation of use of paper checks for cash-outs requires a higher level
business email compromises (BECs) that are used to trick of sophistication in social engineering techniques to dupe
companies into making fraudulent payments that are then companies out of money and to get mules on board (often
laundered through networks of "mules" that often carry unwittingly), Agari stated.
out their part of the scam through check deposits.
Unwitting mules are the best mules, the company said,
It's a case of the old (check payments) being leveraged to because they can be convinced to deposit the checks into
support new methods of fraud. BEC, also known as cyber- their personal accounts, often under the auspices of helping
enabled financial fraud, is carried out by transnational someone receive a large inheritance, and pass the proceeds
criminal rings that employ lawyers, linguists, hackers and on without question. Since the accounts are legitimate, the
social engineers. They target organizations large and small scam is "almost undetectable" by traditional anti-money
and use various tactics, although most target employees laundering controls that financial institutions use to detect
within those organizations that can access company suspicious activities, Agari said.
finances. Think accounts payables staff.
Between April and August 2019, Exaggerated Lion
At its heart, a BEC leverages the oldest trick in the con artist targeted at least 3,000 individuals employed by nearly
playbook: deception. Fraudsters use email phishing and 2,100 companies with BEC attacks, according to Agari.
social engineering tactics to trick employees into making Most targeted employees were in accounts payables.
wire transfers to accounts thought to belong to trusted Investigators identified 28 active money-mule accounts at
partners, but which in fact are controlled by the fraudsters. various financial institutions. Healthcare companies have
First they gain access to a company's internal networks. been among the hardest hit, Agari said. Other vulnerable
Then they spend weeks, or even months, studying the industry sectors include banking, manufacturing, retail
company's vendors, billing systems and executives' email and construction. Exaggerated Lion attacks have been
styles. And when they think the time is right, they send an identified in 49 of 50 U.S. states; companies in Nevada
email purporting to be from a key executive (CEO or CFO) appear to be the only ones not yet victimized by this gang
requesting an immediate transfer of funds to the account of of cybercriminals.
what appears to be a trusted vendor.
A dramatic increase in BECs Unwitting mules are the best
The FBI reports that between 2000 and 2018 its Internet mules, the company said, because
Crime Complaint Center saw a 1,300 percent increase in they can be convinced to deposit the
identified BECs, with reported losses totaling over $3.7
billion. Agari, a provider of phishing defense solutions checks into their personal
for enterprises, estimates that globally $700 million is lost
every month to BEC attacks. accounts, often under the auspices of
helping someone receive a large
Agari also reports that an ongoing investigation by its
Cyber Intelligence Division, identified an international inheritance, and pass the proceeds
cyber-fraud ring that has bilked thousands of companies on without question.
18
