Recognising that their lack of proficiency in the English language scuttles many of their cyber campaigns, cyber criminals are now actively recruiting native English speakers to enhance the success rate of their fraudulent operations.
For years, cyber security experts and data security watchdogs have advised Internet users to look out for grammatical errors in emails, texts, and phishing websites as these are accurate markers of phishing attacks and BEC scams perpetrated by cyber criminals who are not quite adept at speaking or writing the English language.
But what if cyber criminals recognised this drawback and leveraged native English speakers to draft their fraudulent communications? According to Intel 471, cyber criminals are doing exactly that: actively hunting on cybercrime forums for native English speakers who can conduct social engineering attacks on their behalf.
The threat intelligence firm observed two instances, one in February and another in June, of cyber criminals taking to popular cyber crime forums to advertise their need for native English speakers in an attempt to outsource the social engineering work behind BEC. One of these hackers had obtained access to custom Microsoft Office 365 domains and just wanted a native English speaker to do the sweet-talking.
“Actors like those we witnessed are searching for native English speakers since North American and European markets are the primary targets of such scams. The use of proper English is very important to these actors, as they want to ensure the messages they send to their victims — mainly high-level employees of an organisation — do not raise any red flags,” the firm said.
According to Javvad Malik, security awareness advocate at KnowBe4, recruiting native English speakers could well rid cyber criminals of one of the most telling red flags in a phishing email, poor spelling and grammar. Even so, corporate workers and individual Internet users can still spot a phishing trick or a BEC scam.
“Poor spelling and grammar are by far the only red flag in phishing emails, and well-trained users can spot the other signs of a phishing email, particularly BEC scams. Some of these include the subject line, any links or attachments, who the email is from, the date and time it was sent, and of course the content.
“In particular, people should be aware of what the ask is, and whether action is requested on their part in order to avoid a negative consequence or to gain something of value. When in doubt, users should report suspicious emails to their IT team or try to validate by contacting the alleged sender by other means,” he said.
According to Intel 471, aside from native English speakers, cyber criminals are also actively recruiting people with other skill sets, such as those skilled in laundering stolen money to make it untraceable, and those who can obtain large email databases maintained by organisations.
Recently, cloud security firm Abnormal Security also discovered how a Nigerian cyber criminal was attempting to bribe corporate workers with rewards of up to $1 million in bitcoin or 40% of the proceeds if they deployed ransomware inside their corporate networks on behalf of the hackers.