Scammers are recruiting native English speakers in droves to improve the effectiveness of Business Email Compromise (BEC).
BEC schemes, like ransomware, may be easy to implement but have the potential to be extremely damaging to a corporation.
A BEC scam would often begin with a phishing email that is personalized and customized to the target. Social engineering and email address spoofing may also be used to make the message appear to come from someone in the target organization, such as an executive, the CEO, or a member of an accounts team, to trick an employee into making a payment to a scammer’s account.
In some situations, these payments – for example, to settle an alleged invoice – can amount to millions of dollars. In 2020, US businesses alone lost over $1.8 billion to these types of cyberattacks.
A BEC scam requires little technical knowledge; but, scammers must be able to communicate effectively to succeed in their activities. If they are not fluent in the language of the target, BEC attacks may fail.
Unfortunately, there is a solution to fill this knowledge gap: hire a native language speaker from the underground.
According to Intel 471, forums are increasingly being used to assemble teams capable of handling both the technical and social engineering aspects of a BEC scam.
Threat actors have advertised for native English speakers on a popular Russian-speaking cybercriminal forum throughout 2021. With the task of managing email communication that would not raise red flags to members of a high-level organization, as well as the negotiation aspect of a BEC operation.
To be successful, the target employee must believe that communication is coming from a legitimate source. Secondary language use, spelling mistakes, and grammatical issues could all be indicators that something isn’t right, just as spam frequently contains issues that alert recipients to attempted fraud.
“Actors like those we saw are looking for native English speakers because the North American and European markets are the prime targets of such frauds,” the researchers write.
Furthermore, threat actors are attempting to hire launderers to clean up the earnings of BEC operations. They which are frequently accomplished using bitcoin mixer and tumbler platforms. One advertisement noticed by the researchers advertised a service capable of laundering up to $250,000.
According to Intel 471, “the BEC footprint on underground forums is not as large as other types of cybercrime, likely because many of the operational elements of BEC use targeted social engineering tactics and fraudulent domains, which do not typically require technical services or products that the underground offers.” “[…] As long as such forums remain a hotbed of talents that may make scammers money, thieves will use the underground for all manner of frauds.”