Nigeria-based BEC scams pulling in millions, SecureWorks report
BEC scams have increased 270 percent since the start of 2015, said the FBI.
This was just one example detected by SecureWorks, which has been studying the business email compromise, or BEC, trend and issued a new report. The increasingly common form of social engineering attack sends phony emails that appear to come from a legitimate source and target individuals who are duped into authorizing transfers of funds.
In this case, the perps were a 30-member group that SecureWorks dubbed Wire-Wire Group 1 (WWG1), an escalation of the "Nigerian prince" and "419" con man scams.
"The threat actors added a rule to the employee's email to redirect all future email from the U.S. company to the attacker's email account," the report found.Campaigns like this one are raking in $6 million annually. In April, the FBI said nearly 18,000 victims had reported BEC scams in the past three years, resulting in the loss of $2.3 billion.