Noooo, now Ancient Tortoise BEC scammers are launching Coronavirus-Themed attacks

March 15, 2020  By Pierluigi Paganini


A cybercrime gang focused on Business Email Compromise (BEC) has started using coronavirus-themed scam emails in its attacks.

While the Coronavirus is spreading worldwide cybercriminals and nation-state actors are launching COVID19-themed attacks on a global scale.

Most of the attacks aimed at spreading malware to control victims’ computers and stealing sensitive data, but now a cybercrime gang, tracked as Ancient Tortoise, is launching BEC attacks taking advantage of the COVID-19 outbreak.

According to a report shared by Agari Cyber Intelligence Division (ACID) researchers with BleepingComputer, crooks are launching Coronavirus-themed BEC attacks.

The researchers received a coronavirus-themed scam email that attempted to trick victims into using a different bank account for the payment due to the COVID-19 outbreak.

“Due to the news of the Corona-virus disease (COVID-19) we are changing banks and sending payments directly to our factory for payments, so please let me know total payment ready to be made so i can forward you our updated payment information,” reads the scam email.

The Ancient Tortoise’s BEC message includes details of a Hong Kong mule account and instructs victims to send the money to it.

Researchers noticed that it took about three weeks for the attackers to send the coronavirus-themed scam email after they have initially established a contact with them.

“It took about three weeks for the attackers to send the coronavirus-themed scam email after their initial contact with the researchers, between February 17th when the request for an aging report landed in Agari’s inboxes and March 9th when they launched the final attack on the fake vendor.” reported BleepingComputer.

To defend against BEC attacks, Agari experts recommend vendors and suppliers to implement strong email authentication and anti-phishing email protections.

Any organization that has regularly pay external suppliers is recommended to set up a formal process for handling outgoing payments, especially when some changes are reported in the normal payment procedure (i.e. A change of the bank account).

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, BEC)

[adrotate banner=”5″]

[adrotate banner=”13″]




Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

Massive cyber attack hit the town hall of Marseille ahead local election

 While the Coronavirus is spreading worldwide, a massive cyber attack hit the town hall of Marseille and the metropolis. Ahead...