Scammers are looking for English speakers to work on Business Email Compromise

Scammers are recruiting native English speakers in droves to improve the effectiveness of Business Email Compromise (BEC).

BEC schemes, like ransomware, may be easy to implement but have the potential to be extremely damaging to a corporation.

A BEC scam would often begin with a phishing email that is personalized and customized to the target. Social engineering and email address spoofing may also be used to make the message appear to come from someone in the target organization, such as an executive, the CEO, or a member of an accounts team, to trick an employee into making a payment to a scammer’s account.

In some situations, these payments – for example, to settle an alleged invoice – can amount to millions of dollars. In 2020, US businesses alone lost over $1.8 billion to these types of cyberattacks.

A BEC scam requires little technical knowledge; but, scammers must be able to communicate effectively to succeed in their activities. If they are not fluent in the language of the target, BEC attacks may fail.

Unfortunately, there is a solution to fill this knowledge gap: hire a native language speaker from the underground.

According to Intel 471, forums are increasingly being used to assemble teams capable of handling both the technical and social engineering aspects of a BEC scam.

Threat actors have advertised for native English speakers on a popular Russian-speaking cybercriminal forum throughout 2021. With the task of managing email communication that would not raise red flags to members of a high-level organization, as well as the negotiation aspect of a BEC operation.

To be successful, the target employee must believe that communication is coming from a legitimate source. Secondary language use, spelling mistakes, and grammatical issues could all be indicators that something isn’t right, just as spam frequently contains issues that alert recipients to attempted fraud.

“Actors like those we saw are looking for native English speakers because the North American and European markets are the prime targets of such frauds,” the researchers write.

Furthermore, threat actors are attempting to hire launderers to clean up the earnings of BEC operations. They which are frequently accomplished using bitcoin mixer and tumbler platforms. One advertisement noticed by the researchers advertised a service capable of laundering up to $250,000.

According to Intel 471, “the BEC footprint on underground forums is not as large as other types of cybercrime, likely because many of the operational elements of BEC use targeted social engineering tactics and fraudulent domains, which do not typically require technical services or products that the underground offers.” “[…] As long as such forums remain a hotbed of talents that may make scammers money, thieves will use the underground for all manner of frauds.”

Facebook
Pinterest
Twitter
LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked *

This field is for validation purposes and should be left unchanged.

Get in touch

If you are interested in our services or have questions about what we offer, please give us a call at 866-224-3636 to speak to a member of our solutions team.

Alternatively, you may use the contact form below and someone will get back to you as soon as possible. Thank you for your interest!

office-2dualtone.png
Headquarter

845 West Market Street, Bldg P Salinas, California 93901

support-2dualtone.png

(831) 758-3636
ext. 430

Follow our social network