That number represents a big uptick over Q1.

The average wire-transfer loss from business email compromise (BEC) attacks is significantly on the rise: In the second quarter of 2020 the average was $80,183, up from $54,000 in the first quarter.

That’s according to the Anti-Phishing Working Group (APWG)’s recently released Phishing Activity Trends Report, which pointed out that the rise in dollar amounts could be driven largely by one Russian BEC operation, which has been targeting companies for an average of $1.27 million per effort.

In a BEC attack, a scammer impersonates a company executive or other trusted party, and tries to trick an employee responsible for payments or other financial transactions into wiring money to a bogus account. Attackers usually conduct a fair amount of recon work, studying executive styles and uncovering the organization’s vendors, billing system practices and other information to help mount a convincing attack.

Such is the case with the aforementioned Russian BEC group, Cosmic Lynx, which was spotted prowling around earlier this summer.

“Cosmic Lynx employs a dual impersonation scheme,” the report noted. “The pretext of their attacks is that the target organization is preparing to close an acquisition with an Asian company as part of a corporate expansion. First Cosmic Lynx impersonates a company’s CEO, asking the target employee to work with ‘external legal counsel’ to coordinate the payments needed to close the acquisition. Then, Cosmic Lynx hijacks the identity of a legitimate attorney at a U.K.-based law firm, whose supposed job it is to facilitate the transaction. The final stage of a Cosmic Lynx BEC attack is getting the target to send payments to mule accounts controlled by the group.”


BEC Wire Transfers Average $80K Per Attack