Popular international law firms including Deloitte, Monlex International, Dentons, and Sullivan & Cromwell have been impersonated by business email compromise group Crimson Kingsnake in "blind BEC attacks," which were initially detected in March, reports BleepingComputer.
Crimson Kingsnake commences the BEC attack with phishing emails spoofing international law firms' logos and letterheads, which are not targeted at specific industries or countries, an Abnormal Security report found. Resistance from phishing email recipients would prompt Crimson Kingsnake to impersonate the targeted firm's executive.
"When a Crimson Kingsnake actor is questioned about the purpose of an invoice payment, we've observed instances where the attacker sends a new email with a display name mimicking a company executive," said the report.
The findings come amid the increasing impact of BEC attacks, with the FBI reporting $2.4 billion in BEC-related losses last year, compared with the $43 billion in losses reported from 2016 to 2019. BEC attack prevalence has also been reported by Abnormal Security to have increased by 84% during the second half of 2021.
Sixty thousand emails from U.S. State Department accounts were noted by a staffer working for Sen. Eric Schmitt, R-Mo., to have been exfiltrated by Chinese threat actors during the widespread compromise of Microsoft email accounts that commenced in May, according to Reuters.
Threat actors have leveraged the ZeroFont phishing attack technique, which initially involved the insertion of hidden characters or words in emails to evade security detection systems, to modify message previews as shown on Microsoft Outlook and other email clients, BleepingComputer reports.
BleepingComputer reports that individuals who have filed claims against bankrupt cryptocurrency lender Celsius have been subjected to phishing attacks involving the impersonation of the lender's claims agent, Stretto.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news