Eleven prolific BEC scam suspects arrested in Nigeria – The Daily Swig

wp header logo 1443
Spread the love

APT focus
Take a closer look at Iran’s state-sponsored hacking groups
Hacker-powered security
Human error bugs increasingly making a splash, study indicates
In focus
Software supply chain attacks – everything you need to know
Special report
North Korean cyber-threat groups become top-tier adversaries
What’s in a (domain) name?
How expired web domains are helping criminal hacking campaigns
Bug Bounty Radar
The latest programs for January 2022
Cybersecurity conferences
A schedule of events in 2021 and beyond
SilverTerrier brought to heel
Eleven prolific BEC scam suspects arrested in Nigeria
Eleven alleged members of a prolific cybercrime network have been arrested in Nigeria following a joint operation involving the Nigerian Police Force (NPF) and Interpol.
The suspects, alleged members of the ‘SilverTerrier’ crew, are accused of targeting thousands of organizations worldwide through business email compromise (BEC) scams.
BEC attacks typically involve sending a spoofed email purporting to come from either a senior executive in a targeted organization or a trusted customer. In other cases, hacked email accounts are used to send fraudulent messages.
In either case, recipients are instructed to approve payments and transfer funds into accounts controlled by fraudsters.
The 10-day Operation Falcon II campaign that led onto the arrests in mid-December was based on “intelligence provided by Interpol” involving the tracking of fraudulent payments.
News of the arrests of the as-yet unnamed suspected was released this week.
Led by Interpol’s Cybercrime Directorate in Singapore, Operation Falcon II also involved Nigerian law enforcement agencies and threat intel units from cybersecurity firms Group-IB and Palo Alto Networks.

RELATED A guide to spear-phishing – how to protect against targeted attacks

Police reckon the Nigerian fraudsters they arrested may be associated with BEC scams against more than 50,000 targets.
A total of 800,000 potential victim domain credentials were discovered on the laptop of one of the suspects, Interpol said.
Another suspect was said to have been monitoring conversations between 16 companies and their clients – an alleged process of reconnaissance designed to select the optimum time to make fraudulent requests just as genuine transactions were due to take place.
Interpol’s Global Financial Crime Taskforce is coordinating further action against ‘SilverTerrier’ bank accounts and sharing intelligence on the compromised domain credentials of potential victims with member countries to prevent further fraud.
YOU MAY ALSO LIKE VPNLab takedown: Authorities dismantle secure communication tool favored by cybercriminals
John Leyden
@jleyden
Burp Suite
Vulnerabilities
Customers
Company
Insights
© 2022 PortSwigger Ltd.

source

Read Previous

Stand Up For Your Rights, Group Tells Nigerians

Read Next

APC Releases Schedule Of Activities For February Convention

Leave a Reply

Your email address will not be published.