
A group called ‘Crimson Kingsnake’ has recently been spotted impersonating well-known international law firms.

Business Email Compromise (BEC) is a type of fraud that targets companies that regularly carry out wire transactions in other countries. The scammer group dubbed ‘Crimson Kingsnake’ tricks recipients into approving overdue invoice payments.

According to a technical write-up published by cloud email security platform Abnormal, 92 malicious domains resembling those of 19 law firms and debt collection businesses in the United States, United Kingdom, and Australia have been detected and linked to the threat actor.

The company said, “The group, which we call Crimson Kingsnake, impersonates real attorneys, law firms, and debt recovery services to deceive accounting professionals into quickly paying bogus invoices.”

Crimson Kingsnake preys on businesses in the United States, Europe, the Middle East, and Australia. Abnormal also stated that, like most BEC gangs, the group is industry-agnostic, meaning it does not target companies in any particular industry.

“Intelligence collected from some of the active defence engagements we’ve conducted with the group indicates that at least some of the actors associated with Crimson Kingsnake may be located in the United Kingdom,” the advisory stated.

Crimson Kingsnake attacks typically start with emails that imitate reputable attorneys and law offices and refer to an overdue payment.

“To add legitimacy to their communications, Crimson Kingsnake uses email addresses hosted on domains closely resembling a firm’s real domain,” Abnormal emphasised. 

“The sender’s display name is set to the attorney that is being impersonated, and the email signature contains the firm’s actual company address.”

According to Sean McNee, CTO at DomainTools, BEC attacks continue to be profitable.

Impersonating third-party sellers is the newest trend in business.

“Criminals are hijacking the external relationships businesses have with their suppliers, particularly those that share susceptible data and invoice large amounts,” McNee told Infosecurity.

Because BEC attacks that spoof third-party domains are becoming more widespread, businesses must be aware of the hazard. To mitigate these attacks, staff must be trained to validate domains and transactions before initiating them. Having the right tools, training, and practices in place can help businesses stay one step ahead of attackers.
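One way to automate part of the domain validation described above is to compare each sender domain against the domains your real vendors use and flag near-matches. This is an added example, not code from Abnormal or DomainTools; the allow-list entries are constructed placeholders, and `classify_sender`, `fold` and the typo threshold are assumptions chosen for illustration.

```python
from email.utils import parseaddr

# Constructed placeholder allow-list: domains your real vendors send from.
KNOWN_DOMAINS = ("examplelawfirm.com", "example-recovery.co.uk")
FOLD = str.maketrans("01", "ol")  # digit-for-letter swaps (0 -> o, 1 -> l)

def fold(label):
    """Collapse cosmetic variations: case, hyphens, digit look-alikes."""
    return label.lower().replace("-", "").translate(FOLD)

def edit_distance(a, b):
    """Levenshtein distance using a two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header, max_typos=2):
    """Return (verdict, matched_known_domain) for a From: header value."""
    _display, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("unparseable", None)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    for known in KNOWN_DOMAINS:
        if domain == known or domain.endswith("." + known):
            return ("known", known)  # exact domain or a genuine subdomain
    for known in KNOWN_DOMAINS:
        target = fold(known.split(".")[0])
        if len(target) < 6:
            continue  # names this short produce too many fuzzy false positives
        for label in map(fold, domain.split(".")):
            if (label == target          # TLD swap, hyphen or digit trick
                    or target in label   # keyword added to the real name
                    or edit_distance(label, target) <= max_typos):  # typo
                return ("lookalike", known)
    return ("unknown", None)
```

A `lookalike` verdict is a reason to verify the payment request through a contact channel already on file; an `unknown` verdict says nothing about legitimacy either way.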
