Friday, March 5, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

Hackers Trick 3 British Private Equity Firms Into Sending Them $1.3 Million

April 23, 2020
in Internet Privacy
Hackers Trick 3 British Private Equity Firms Into Sending Them $1.3 Million
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

In a recent highly targeted BEC attack, hackers managed to trick three British private equity firms into wire-transferring a total of $1.3 million to the bank accounts fraudsters have access to — while the victimized executives thought they closed an investment deal with some startups.

According to the cybersecurity firm Check Point, who shared its latest investigation with The Hacker News, nearly $700,000 of the total wire transferred amount has permanently lost to the attackers, with the rest of the amount recovered after researchers alerted the targeted firms in time.

You might also like

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

Google Will Use ‘FLoC’ for Ad Targeting Once 3rd-Party Cookies Are Dead

Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit

Dubbed ‘The Florentine Banker,’ the sophisticated cybercrime gang behind this attack, “seems to have honed their techniques over multiple attacks, from at least several years of activity and has proven to be a resourceful adversary, quickly adapting new situations,” the researchers said.

‘The techniques they use, especially the lookalike domains technique, present a severe threat — not only to the originally attacked organization but also to the third-parties with whom they communicated using the lookalike domain.’

The security firm said previous spear-phishing campaigns launched by the same group of hackers mainly targeted the manufacturing, construction, legal, and finance sectors located in the US, Canada, Switzerland, Italy, Germany, and India, among others.

How did hackers do it?

The investigation follows Check Point’s previous report published last December, which described a similar BEC (business email compromise) incident that resulted in the theft of $1 million from a Chinese venture capital firm.

The amount, which was seed funding intended for an Israeli startup, was instead routed to a bank account under the attacker’s control via a carefully-planned man-in-the-middle (MITM) attack.

The fraud scheme, which has since caught three UK and Israeli based finance firms in the net, works by sending phishing emails to high profile individuals in the target organization to gain control of the account and carry out extensive reconnaissance to understand the nature of business and the key roles inside the company.

How does business email compromise work?

In the next phase, the attackers tamper with the victim’s Outlook mailbox by creating new rules that would divert relevant email to a different folder, such as the RSS Feeds folder, that’s not commonly used by the individual in question.

Aside from infiltrating the high-level corporate email account and monitoring messages, the hackers register separate lookalike domains that mimic the legitimate domains of the entities involved in the email correspondences they want to intercept, thus allowing them to perpetrate a MITM attack by sending emails from the fraudulent domains on behalf of the two parties.

‘For example, if there was a correspondence between ‘finance-firm.com’ and ‘banking-service.com,’ the attackers could register similar domains like ‘finance-firms.com’ and ‘banking-services.com,’ the team said.

Put differently, the Florentine Banker group sent one mail each from the spoofed domains to the counterparty, thus inserting itself into the conversation and deceiving the recipient into thinking that the source of the email is legitimate.

‘Every email sent by each side was in reality sent to the attacker, who then reviewed the email, decided if any content needed to be edited, and then forwarded the email from the relevant lookalike domain to its original destination,’ Check Point researchers said in a separate blog post on BEC scams.

Armed with this set-up, the attackers then begin injecting fraudulent bank account information (associated with accounts located in Hong Kong and the UK) in the emails to intercept money transfers and initiate new wire requests.

FBI Sounds Warning Against BEC Attacks

Business email compromise (BEC) attacks have surged in recent years as organized cybercrime groups try to profit off email scams directed against big businesses.

Last month, Palo Alto Networks’ Unit 42 threat intelligence team examined BEC operations working out of Nigeria, uncovering that the group — dubbed ‘SilverTerrier’ — carried out an average of 92,739 attacks a month in 2019.

According to the Federal Bureau of Investigation’s 2019 Internet Crime Report, BEC-related scams alone accounted for 23,775 complaints amounting to losses of over $1.7 billion.

BEC Attacks

In an advisory published by the FBI early this month, the agency warned of cybercriminals conducting BEC attacks through cloud-based email services, adding the scams cost US businesses more than $2.1 billion between 2014 and 2019.

‘Cybercriminals analyze the content of compromised email accounts for evidence of financial transactions,’ the FBI warned. ‘Often, the actors configure mailbox rules of a compromised account to delete key messages. They may also enable automatic forwarding to an outside email account.’

The bureau also issued a separate warning highlighting how crooks are updating the profitable scam technique to capitalize on the ongoing coronavirus pandemic and perform fraudulent wire transfers.

In the face of such ongoing threats, it’s recommended that users turn on two-factor authentication to secure their accounts and ensure fund transfer and payment requests are verified through phone calls confirming the transaction.

For more guidance on how to mitigate the risk, head to the FBI’s alert here.


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)

Previous Post

Innovation in energy field: How machine learning promotes responsible consumption

Next Post

Google: US government targeted with 'free fast food' coronavirus phishing

Related Posts

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws
Internet Privacy

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

March 5, 2021
Google Will Use ‘FLoC’ for Ad Targeting Once 3rd-Party Cookies Are Dead
Internet Privacy

Google Will Use ‘FLoC’ for Ad Targeting Once 3rd-Party Cookies Are Dead

March 5, 2021
Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit
Internet Privacy

Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit

March 4, 2021
A $50,000 Bug Could’ve Allowed Hackers Access Any Microsoft Account
Internet Privacy

A $50,000 Bug Could’ve Allowed Hackers Access Any Microsoft Account

March 4, 2021
Replacing EDR/NGAV with Autonomous XDR Makes a Big Difference for Small Security Teams
Internet Privacy

Replacing EDR/NGAV with Autonomous XDR Makes a Big Difference for Small Security Teams

March 4, 2021
Next Post
Google: US government targeted with ‘free fast food’ coronavirus phishing

Google: US government targeted with 'free fast food' coronavirus phishing

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Singapore Airlines frequent flyer members hit in third-party data security breach
Internet Security

Singapore Airlines frequent flyer members hit in third-party data security breach

March 5, 2021
CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws
Internet Privacy

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

March 5, 2021
Generation Z: How post-millennial young people are engaging with blockchain
Blockchain

Generation Z: How post-millennial young people are engaging with blockchain

March 5, 2021
Machine intelligence – Spy agencies have high hopes for AI | Science & technology
Machine Learning

Machine intelligence – Spy agencies have high hopes for AI | Science & technology

March 5, 2021
8 concepts you must know in the field of Artificial Intelligence | by Diana Diaz Castro | Feb, 2021
Neural Networks

8 concepts you must know in the field of Artificial Intelligence | by Diana Diaz Castro | Feb, 2021

March 5, 2021
A Quick Guide to Understanding YouTube Ads [Infographic]
Marketing Technology

A Quick Guide to Understanding YouTube Ads [Infographic]

March 5, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Singapore Airlines frequent flyer members hit in third-party data security breach March 5, 2021
  • CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws March 5, 2021
  • Generation Z: How post-millennial young people are engaging with blockchain March 5, 2021
  • Machine intelligence – Spy agencies have high hopes for AI | Science & technology March 5, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates