BEC gangs like “Exaggerated Lion” are using tricky tactics – like exploiting G Suite – to scam companies out of millions.
Business email compromise (BEC) attacks continue to be a thorn in companies’ sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019.
Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitalize on existing victims. For instance, a cybercriminal gang that researchers call “Exaggerated Lion” has been making use of G Suite and extremely long domain names to swindle millions of dollars out of its victims.
Crane Hassold, senior director of research with Agari, talks to Threatpost at RSA 2020 about how BEC scams are becoming more dangerous and trickier to detect.