Noooo, now Ancient Tortoise BEC scammers are launching Coronavirus-Themed attacks

A cybercrime gang focused on Business Email Compromise (BEC) has started using coronavirus-themed scam emails in its attacks.

While the Coronavirus is spreading worldwide cybercriminals and nation-state actorsare launching COVID19-themed attacks on a global scale.

Most of the attacks aimed at spreading malware to control victims’ computers and stealing sensitive data, but now a cybercrime gang, tracked as Ancient Tortoise, is launching BEC attacks taking advantage of the COVID-19 outbreak.

According to a report shared by Agari Cyber Intelligence Division (ACID) researchers with BleepingComputer, crooks are launching Coronavirus-themed BEC attacks.

The researchers received a coronavirus-themed scam email that attempted to trick victims into using a different bank account for the payment due to the COVID-19 outbreak.

“Due to the news of the Corona-virus disease (COVID-19) we are changing banks and sending payments directly to our factory for payments, so please let me know total payment ready to be made so i can forward you our updated payment information,” reads the scam email.

The Ancient Tortoise’s BEC message includes details of a Hong Kong mule account and instructs victims to send the money to it.

Researchers noticed that it took about three weeks for the attackers to send the coronavirus-themed scam email after they have initially established a contact with them.

“It took about three weeks for the attackers to send the coronavirus-themed scam email after their initial contact with the researchers, between February 17th when the request for an aging report landed in Agari’s inboxes and March 9th when they launched the final attack on the fake vendor.” reported BleepingComputer.

To defend against BEC attacks, Agari experts recommend vendors and suppliers to implement strong email authentication and anti-phishing email protections.

Any organization that has regularly pay external suppliers is recommended to set up a formal process for handling outgoing payments, especially when some changes are reported in the normal payment procedure (i.e. A change of the bank account).

Pierluigi Paganini

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.


10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase