Automated translation services help deliver BEC attacks

Business email compromise (BEC) attacks are a major issue and are reckoned to have accounted for over a third of all financial losses from cyberattacks in 2021.

While not as common as phishing, BEC is a serious threat and it's not just in English-speaking countries. Abnormal Security has identified two groups using executive impersonation to execute BEC attacks on companies worldwide.

The groups -- Midnight Hedgehog, a group engaging in payment fraud, and Mandarin Capybara, a group executing payroll diversion attacks -- have launched BEC campaigns in at least 13 different languages, including Danish, Dutch, Estonian, French, German, Hungarian, Italian, Norwegian, Polish, Portuguese, Spanish, and Swedish.

To properly translate email text for more believable social engineering efforts in the past would have required hiring a native speaker. Now though, widely available, accurate translation apps such as Google Translate have lowered the barrier to entry. This means attackers can rapidly scale their efforts, maximizing their reach and launching campaigns across the globe.

Fewer grammatical mistakes and syntax errors mean fewer alarm bells to alert email recipients that something isn't right about a message.

The Midnight Hedgehog group has only been seen to target companies in Europe with non-English messages. Mandarin Capybara though has attacked companies on both sides of the Atlantic. Researchers have observed the group targeting American and Australian companies in English, Canadian organizations in French, and European companies in six languages, including Dutch, French, German, Italian, Portuguese, and Spanish.

You can read more and see details of attack campaigns on the Abnormal Security blog.

Image Credit: Cienpies Design / Shutterstock