BEC Scammers Use Aging Report Phishing to Find New Targets
A group tracked as Ancient Tortoise is targeting accounts receivable specialists tricking them into sending over aging reports and thus collecting info on customers they can scam in later attack stages.
According to Colin Bastable, CEO of Lucy Security, a security awareness training company:
“BEC scams are often run out of Asia and the Middle East because it is easier to set up (and then liquidate) “burner” bank accounts in order to launder the money, taking advantage of the Hawala system of informal value transfer systems . The challenge is always in getting away with the loot, especially when most global bank transactions end up touching the US banking system at some stage. Running the payments through Asian and Middle Eastern banks can often enable the bad guys to rapidly turn the deposits into cash. Time zones that are different from the victim can also help the thieves by giving them some extra time to launder the money before the victims realize that they have been defrauded.”