Yes, absolutely. This is mostly a legal/enforcement decision. If you avoid Russian authorities, they avoid you. Also Russia is nowhere near as fertile ground as the US. There are plenty of low paid entry level office workers in the US who will gladly update their AP payment information for business email compromise (BEC). $2.77 billion lost to BEC in 2024, the most lucrative category. Total losses in the US were $16 billion from 859,532 complaints.
One investigation I worked a threat actor in China socially engineered their way into getting an employee account in a US company created for them. They were so persuasive they also got their account inserted into the approval process as a manager for creating other new employee accounts (at a specific location) in the identity workflow. They did this only for the purpose of siphoning discounts that are available to employees, and they resold those which resulted in about one million dollars loss over a period of a couple of years.
One investigation I worked a threat actor in China socially engineered their way into getting an employee account in a US company created for them. They were so persuasive they also got their account inserted into the approval process as a manager for creating other new employee accounts (at a specific location) in the identity workflow. They did this only for the purpose of siphoning discounts that are available to employees, and they resold those which resulted in about one million dollars loss over a period of a couple of years.
https://www.fbi.gov/contact-us/field-offices/elpaso/news/fbi...