Ancient Tortoise: Ancient Tortoise, a Business Email Compromise (BEC) cybercrime group, began using Coronavirus-themed emails to trick users into transferring funds. Researchers at Agari exchanged email messages with the threat actors as part of an ongoing BEC scam investigation. Ancient Tortoise spoofed executive email addresses within the targeted company to request aging reports, also called a schedule of accounts receivable, then requested payment of the outstanding invoices to trick the victim into initiating a wire transfer to the attacker’s account. In the most recent campaign, the emails stated that the sender was changing banks because of the Coronavirus and included a new account to which the money should be transferred. Agari researchers received instructions to wire payments to an account in Hong Kong, which is likely controlled by a money mule. BEC scams were responsible for over $1.8 billion in stolen revenue in 2019.
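A mail-triage sketch for the two lures described above (the aging report request and the Coronavirus-justified bank change), added here as an example and not taken from Agari or Binary Defense. The From/Reply-To mismatch check, the phrase patterns and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Phrase patterns derived from the lures described in the text (assumed wording).
AGING = re.compile(r"aging report|accounts? receivable", re.I)
BANK_CHANGE = re.compile(r"chang\w*\s+(our\s+)?banks?|new\s+(bank\s+)?account", re.I)
PANDEMIC = re.compile(r"coronavirus|covid", re.I)

def domain(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw):
    """Return the BEC indicators found in one RFC 5322 message."""
    msg = message_from_string(raw)
    body = "\n".join(
        part.get_payload(decode=True).decode("utf-8", "replace")
        for part in msg.walk() if part.get_content_type() == "text/plain")
    hits = []
    frm, reply = domain(msg["From"]), domain(msg["Reply-To"])
    # Assumption: a spoofed sender needs replies routed to a mailbox it controls.
    if reply and reply != frm:
        hits.append("From/Reply-To domain mismatch")
    if AGING.search(body):
        hits.append("aging report request")
    if BANK_CHANGE.search(body) and PANDEMIC.search(body):
        hits.append("pandemic-justified bank change")
    return hits

# Constructed sample messages; every name and domain here is made up.
SAMPLES = {
    "aging_request": 'From: "Pat Lee (CFO)" <pat.lee@example.com>\n'
                     "Reply-To: pat.lee@mail-example.net\nSubject: Request\n\n"
                     "Please send me the updated aging report for all customers.\n",
    "bank_change": "From: ar@example.com\nReply-To: ar@example-billing.net\n"
                   "Subject: Invoice 1042\n\nDue to the Coronavirus outbreak we are "
                   "changing banks. Please wire payment to our new account.\n",
    "benign": "From: pat.lee@example.com\nSubject: Lunch\n\n"
              "Are we still on for Thursday?\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, triage(raw))
```

Any hit is a reason to hold the message for out-of-band verification of the request, not a verdict on its own.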
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is