According to a new report from SecureWorks, a gang of 30-40 Nigerian cybercriminals are leveraging an email scam to loot a variety of businesses – mostly those involved in trading large shipments including chemical manufacturers, pharmaceutical companies and those who deal in heavy machinery.
SecureWorks reports that thieves are usually pretending to be executives with the firm – and tend to make use of fake email accounts. According to official figures from law enforcement, by June cyber criminals had tried to snatch more than $3 billion.
“They [the victims] sincerely believe there is a real transaction going on, so they become completely confused,” noted James Bettke, a researcher at SecureWorks, who said the Nigerian criminal ring was more sophisticated than some email spoofing scams.
SecureWorks has already contacted law enforcement to be on the lookout for the scam.
The most popular variation on this scam, according to Bettke is “digital cheque washing.”
Essentially – once the gang has gotten access to the funds it desires, the check is then washed in acetone to obscure the true payee and redirect the money to another bank account. By obscuring the proper relationships on a check, cybercriminals are essentially flipping around the payor and payee – and then collecting on invoices as though they are the party that is owed funds.
In one case cited by the Financial Times, hackers targeting a US chemical company sent a request to purchase $400,000 worth of chemicals. Upon capturing that information, the hackers changed the rules in the employee’s email account so that all future emails from that company were directed to the hackers’ inbox. Then they changed the invoice data so they were getting paid for the Chemicals. They changed the details on an invoice so the US company paid them, not the Indian company that actually provided them.