
At The Identity Organisation, we're here to help!


    New Business Email Compromise Gang Impersonates Lawyers

    A criminal gang, tracked by Abnormal Security as Crimson Kingsnake, is launching business email compromise (BEC) attacks by posing as “real attorneys, law firms, and debt recovery services.” The attackers send legitimate-looking invoices tailored to the targeted organization, asking for a payment of tens of thousands of dollars.

    “These sophisticated invoices also list a bill number, account reference number, bank account details, and the company’s actual VAT ID. Some invoices even include a ‘notification of rights’ and information about who to contact with questions or concerns. Based on the complexity and detailed nature of the invoices we’ve observed, it’s possible that Crimson Kingsnake is using altered versions of legitimate invoices used by the impersonated firms.”

    If the employee refuses to authorize the transaction, the attackers will sometimes pose as an executive at the organization and send the employee an email granting permission to make the payment.

    “When the group meets resistance from a targeted employee, Crimson Kingsnake occasionally adapts their tactics to impersonate a second persona: an executive at the targeted company,” the researchers write. “When a Crimson Kingsnake actor is questioned about the purpose of an invoice payment, we’ve observed instances where the attacker sends a new email with a display name mimicking a company executive. In this email, the actor clarifies the purpose of the invoice, often referencing something that supposedly happened several months before, and ‘authorizes’ the employee to proceed with the payment.”

    The researchers note that a user who knows to check the sender’s actual email address could recognize these emails as fake, but the attackers undercut that check by placing the executive’s real email address inside the display name, so a quick glance at the “From” line shows a legitimate-looking address while the real sending address is different.
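    The display-name trick described above can be checked mechanically on the mail gateway or in a triage script. The following Python example is added here and is not code from the original post or from Abnormal Security; the `From:` header values and the executive directory are constructed samples, and `example.com` / `mail-example.net` are hypothetical domains. It flags two things: a display name that embeds an email address different from the real sender address, and a display name that matches a known executive while the sender address is not that executive’s.

```python
"""Detect display-name spoofing in From: header values (added example).

Two checks, both defensive:
  1. the display name embeds an email address that is not the real sender
     address (the Crimson Kingsnake pattern described above);
  2. the display name contains a known executive's name but the real sender
     address is not that executive's address (the general VIP-impersonation case).
"""
import re
from email.header import decode_header, make_header
from email.utils import parseaddr

# Constructed directory of executives (hypothetical names and addresses).
EXECUTIVES = {"jane doe": "jane.doe@example.com"}

# Constructed From: header values; the first and third are the suspicious ones.
SAMPLE_FROM_VALUES = [
    '"Jane Doe <jane.doe@example.com>" <jdoe.ceo@mail-example.net>',
    "Jane Doe <jane.doe@example.com>",
    "Jane Doe <jane.doe@external-example.org>",
    '"Accounts" <billing@example.com>',
]

# Loose address pattern, good enough to find an address hidden in a display name.
ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def analyze_from(header_value: str, directory: dict = EXECUTIVES) -> dict:
    """Return the parsed display name, real address, and a list of reasons for suspicion."""
    name, addr = parseaddr(header_value)
    # Decode RFC 2047 encoded words, if any, so the text checks see plain characters.
    name = str(make_header(decode_header(name)))
    actual = addr.lower()
    reasons = []

    # Check 1: an address written into the display name that differs from the real sender.
    for embedded in ADDR_RE.findall(name):
        if embedded.lower() != actual:
            reasons.append(f"display name embeds {embedded} but real sender is {actual}")

    # Check 2: display name names an executive, but the sender address is not theirs.
    lowered = name.lower()
    for exec_name, exec_addr in directory.items():
        if exec_name in lowered and actual != exec_addr.lower():
            reasons.append(f"display name matches '{exec_name}' but real sender is {actual}")

    return {"display_name": name, "address": actual, "reasons": reasons}


def flag_suspicious(header_values, directory: dict = EXECUTIVES) -> list:
    """Return the analyses that produced at least one reason for suspicion."""
    results = [analyze_from(v, directory) for v in header_values]
    return [r for r in results if r["reasons"]]


if __name__ == "__main__":
    for hit in flag_suspicious(SAMPLE_FROM_VALUES):
        print(hit["address"], "->", "; ".join(hit["reasons"]))
```

    Running it over the four constructed samples flags the first (embedded address plus executive-name mismatch) and the third (executive name with an outside address) while leaving the genuine executive mail and the ordinary billing address alone. In practice the directory would come from the identity provider, and a hit would route the message to a quarantine or a banner rather than being acted on automatically.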

    Abnormal Security concludes that organizations should implement modern email security solutions and provide training so employees can recognize these attacks.

    “If these attacks do end up in an inbox, ensuring that there are robust procedures in place for outgoing payments is extremely important,” the researchers write. “Organizations should have a process for validating that money is getting sent to the correct recipient, particularly for these high-dollar invoices. And security awareness training is imperative, as employees should know to carefully consider sender addresses, especially when an email asks them to share sensitive information or send a payment.”

    New-school security awareness training can give your organization an essential layer of security by teaching your employees how to thwart social engineering attacks.

    Abnormal Security has the story.


    Request A Demo: Security Awareness Training

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one-and-done deal: continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW
