The FBI, along with Australian, Japanese, and Nigerian authorities, has arrested 65 individuals in the US and overseas who have been engaging in business email compromise scams that have exfiltrated over $51 million, CyberScoop reports.
More than 500 victims across the US are believed to have been impacted by the BEC scammers, including a renewable energy supplier in Puerto Rico.
"Operation Eagle Sweep’s success is directly attributed to our global reach and worldwide partnerships. Our message to criminals involved in these BEC schemes will remain clear: We will pursue you no matter where you may be located. The public we serve deserves nothing less," said FBI Cyber Division Assistant Director Bryan Vorndran.
The operation, which took place over a three-month period beginning last September, comes after 11 individuals suspected to be part of a Nigerian crime ring were arrested by the Interpol in January. The FBI's Internet Crime Complaint Center noted that losses from BEC and other email account compromises reached almost $2.4 billion last year, which was the highest of any category.
Threat actors have leveraged the ZeroFont phishing attack technique, which initially involved the insertion of hidden characters or words in emails to evade security detection systems, to modify message previews as shown on Microsoft Outlook and other email clients, BleepingComputer reports.
BleepingComputer reports that individuals who have filed claims against bankrupt cryptocurrency lender Celsius have been subjected to phishing attacks involving the impersonation of the lender's claims agent, Stretto.