Register now for better personalized quote!

This cruel email-hacking gang aims to tug on your heartstrings and steal your cash

Nov, 30, 2022 Hi-network.com
Image: Getty/damircudic

A cruel business email compromise (BEC) gang is hacking people's email accounts and sending messages to their contacts claiming the account owner needs to send a gift to an unwell friend in an attempt to manipulate people into sending online gift cards. 

Detailed by cybersecurity researchers at Abnormal Security, an organized cyber criminal group -dubbed Lilac Wolverine -has fine-tuned techniques that pull on people's heartstrings. 

Recommends

The best security key

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Read now

They include false claims that the gift cards are meant for people who've been diagnosed with or lost relatives to serious illnesses, with the claim that they can't buy because their bank card is missing, or because they're out of the country. 

Gift cards are requested from familiar brands like Apple, Amazon and Google Play, with amounts ranging from$100 to$500. 

In what researchers describe as an "extremely high attack volume" and "one of the most prolific" BEC campaigns today, one of the elements that makes it look more realistic to victims -and potentially more successful for the scammers -is hacking into real email accounts. 

According to researchers, this is likely achieved with phishing attacks, using passwords leaked in an earlier an data breach or simply because the password securing the account is common or re-used.  

But once an email address is successfully compromised, the attackers don't use the account itself to send out BEC campaigns.  

Also: A security researcher easily found my passwords and more: How my digital footprints left me surprisingly over-exposed

Instead they copy the victim's address book and set up a lookalike account, using the same name and username, or if that isn't available, making very subtle, often unnoticeable changes. The attackers use free webmail services to set up these accounts. 

Security

  • 8 habits of highly secure remote workers
  • How to find and remove spyware from your phone
  • The best VPN services: How do the top 5 compare?
  • How to find out if you are involved in a data breach -- and what to do next

It's these newly generated email accounts that are used to send out BEC phishing lures to the first victim's contacts. They're designed to look like the real account and they do come from the real address, but the reply address is to the newly created account used by the scammers. 

Setting up one of these accounts sounds elaborate, but it means there's less chance of the victim of the initial account hack will notice something is wrong. 

"They likely use a separate, lookalike account so the owner of the compromised account doesn't get alerted if and when someone responds to an email they didn't send. Instead, any responses go to the lookalike account controlled by the attacker," Crane Hassold, director of threat intelligence at Abnormal Security, told . 

Ultimately, by making the BEC email look like it comes from someone the targets know, rather than a stranger or a vague contact address, it makes it more likely that the attackers will succeed in scamming victims. 

This is also achieved by not bringing up the idea of needing a gift card in the initial email, which looks innocuous enough, asking the receivers if they want to catch up, asking for a favor or asking where they do their online shopping.  

It's only if the victim responds to the initial spoofed email that the scammers will send an additional message requesting a gift card. 

It's here they attempt to emotionally manipulate victims, using claims of bank cards not working and needing to urgently buy a gift for someone dealing with serious illnesses.

"The pretexts the group uses in their BEC campaigns are meant to elicit an emotional response that they hope would persuade a target to comply with their request," said Hassold.  

"Like other gift card BEC attacks, since the target population is substantially larger than other types of attacks, their success rate doesn't need to be that high to get a good return on investment on their campaigns," Hassold said. 

Also: Your biggest cybercrime threat has almost nothing to do with technology

It's believed that the campaign is still active and that people should be made aware of telltale signs of BEC gift card scams. These include unexpected urgent requests -particularly if they're trying to use emotional subjects requiring swift action -and messages that don't sound like they come from who they say they come from. 

If you're unsure if the message is real, if possible, you should check with the person sending it by calling them on the phone or checking with them in person. 

And to prevent your email being abused to send out BEC scams to your contacts, it's recommended that you use a strong password and multi-factor authentication to help protect your account. 

MORE ON CYBERSECURITY

  • US judge sentences men for$1.5 million Apple Gift Card scam
  • Raising cybersecurity awareness is good for everyone - but it needs to be done better
  • The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats
  • The next big security threat is staring us in the face. Tackling it is going to be tough
  • The biggest cyber-crime threat is also the one that nobody wants to talk about

tag-icon Hot Tags : Tech Security

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.