Application security, Threat Management, Network Security

Nigeria-based BEC scams pulling in millions, SecureWorks report

A transfer of $400,000 was redirected to a group of Nigerian hackers.

This was just one example detected by SecureWorks, which has been studying the business email compromise, or BEC, trend and issued a new report. The increasingly common form of social engineering attack sends phony emails that appear to come from a legitimate source and target individuals who are duped into authorizing transfers of funds.

In this case, the perps were a 30-member group that SecureWorks dubbed Wire-Wire Group 1 (WWG1), an escalation of the "Nigerian prince" and "419" con man scams. 

"The threat actors added a rule to the employee's email to redirect all future email from the U.S. company to the attacker's email account," the report found.

Campaigns like this one are raking in $6 million annually. In April, the FBI said nearly 18,000 victims had reported BEC scams in the past three years, resulting in the loss of $2.3 billion.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.