Top CFOs getting targeted by sophisticated Email Scam

A Nigerian hackers group is making attempts to trick numerous top executives all throughout the world into sending the hackers group company funds. Cyber security firm called Agari, in their new report, described that this ambitious scheme mainly targets the chief financial officers through email. Agari started investigating over the hackers group after they were attacked by the group.

The cyber threat detection company, Agari, further reported that the hacker group called 'London Blue' selects their targets from the lists acquired by them from the commercial data brokers. The clients of the commercial data brokers were usually marketers as well as sales teams. The report warns that the "targets included companies in a very broad range of sectors, from small businesses to the largest multinational corporations".

The cyber security firm states that while investigating, it found a list of potential targets of the hackers group this year. The list included over 50,000 finance executives, out of which 71% were CFOs (Chief Financial Officers). The executives belonged to various countries; with more than half were from the United States, while the others are from countries like United Kingdom, Finland, Spain, Mexico and the Netherlands.

"This report demonstrates that cybercriminal groups continue to evolve and are using formal business strategies and structure to more effectively carry out their scams," said Agari, noting use of "legitimate commercial sales prospecting tools" by London Blue.

The attackers were carrying out a common scam called "business email compromise". In this kind of email scam, the attacker tried to pose as company insider, like CEO, requesting transfer of money to an outsider account. As per the estimate done by the FBI, the businesses all over the world lost over $12 billion through such email scams from October 2013 to May 2018.

As per Agari, London Blue had "taken the basic technique of spear-phishing -- using specific knowledge about a target's relationships to send a fraudulent email -- and turned it into massive BEC campaigns," as each of the email asks for transfer of money customized to appear as an order from the company's senior executive.

As per the report, London Blue hacker group operates like the modern corporation. The hacking group has people who are working on sales, email marketing, human resources, business intelligence and financial operations, according to Agari. Agari also estimated in their report that this scam has caused massive damage in dollar terms.

» SPAMfighter News - 12/24/2018