Popular international law firms including Deloitte, Monlex International, Dentons, and Sullivan & Cromwell have been impersonated by business email compromise group Crimson Kingsnake in "blind BEC attacks," which were initially detected in March, reports BleepingComputer.
Crimson Kingsnake begins the BEC attack with phishing emails that spoof international law firms' logos and letterheads and are not targeted at specific industries or countries, an Abnormal Security report found. When recipients of the phishing emails resist, Crimson Kingsnake goes on to impersonate an executive of the targeted firm.
"When a Crimson Kingsnake actor is questioned about the purpose of an invoice payment, we've observed instances where the attacker sends a new email with a display name mimicking a company executive," said the report.
The findings come amid the increasing impact of BEC attacks, with the FBI reporting $2.4 billion in BEC-related losses last year, compared with the $43 billion in losses reported from 2016 to 2019. BEC attack prevalence has also been reported by Abnormal Security to have increased by 84% during the second half of 2021.
International law firms spoofed in Crimson Kingsnake BEC campaign