Organized Crime Group Scams US Companies Out Of Millions
Social engineering attack tricks companies into large wire transfers.
April 28, 2014
An organized crime group has spent the last month defrauding US companies, fooling them into making large wire transfers into fake partners' accounts.
According to a blog posted Friday by researchers at security firm TrustedSec, the crime group is conducting "a major offensive" against US firms using a sophisticated social engineering attack that appears to be a request for funds from one of the victim companies' legitimate partners. The attacks have a high rate of success, often fooling enterprises into sending amounts of $50,000 to $1 million, the blog says.
"A number of companies are still unaware that they have been victims of this attack," TrustedSec says.
The attack works in much the same way as a traditional phishing attack, only the stakes are much higher. The attacker compromises an email account in the victim's accounting department -- or that of the business partner -- and then registers an Internet domain that is very similar to the partner's legitimate domain name.
The attacker will establish communications with the victim using the partner's email credentials, often communicating via legitimate company letterhead with legitimate signatures. Initially, the communications may include the legitimate domain names.
Once communications have been established, the attacker will then submit requests for funds, change orders, or lines of credit from the victim company, TrustedSec says. If the initial requests don't work, the attacker may spoof emails to authorize the funds transfer or conduct a convincing social engineering attack over the phone.
The attackers often are successful in getting wire transfers to the fake domains, the blog says. A large number of the transfers are processed by banks in China.
"Note that the attackers are persistent; they use emotional triggers in order to entice the affected company to expedite the fraudulent requests," says TrustedSec. "They will become agitated, demand that it be expedited and even spoof emails coming from internal employees to coax the company to hurrying the process. They will also target your company again if successful."
IT organizations should warn their accounting departments about this fraud and verify all transactions with third-party partners and vendors, TrustedSec advises.
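One way to support that verification is to screen incoming sender domains for near-matches to known partner domains, the registration trick described above. The following Python example is added here and is not code from TrustedSec or the article; the partner list, the character substitutions, and the distance threshold are assumptions, and every domain in it is constructed.

```python
# Added example: flag sender domains that resemble, but do not match, a known
# partner domain. All domains and addresses below are constructed.
PARTNER_DOMAINS = {"acme-supplies.example", "northwind-logistics.example"}
# Assumed visual substitutions, folded to one form before comparison.
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("5", "s"))


def skeleton(domain):
    """Normalize a domain so visually confusable spellings compare equal."""
    d = domain.lower().rstrip(".")
    for src, dst in CONFUSABLES:
        d = d.replace(src, dst)
    return d


def edit_distance(a, b):
    """Edits (insert, delete, substitute, adjacent swap) turning a into b."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]


def classify_sender(address, partners=PARTNER_DOMAINS, max_distance=2):
    """Return (verdict, partner): 'trusted', 'lookalike' or 'unknown'."""
    domain = address.rsplit("@", 1)[-1].lower().rstrip(".")
    if domain in partners:
        return ("trusted", domain)
    for partner in sorted(partners):
        if (skeleton(domain) == skeleton(partner)
                or edit_distance(domain, partner) <= max_distance):
            return ("lookalike", partner)
    return ("unknown", None)


if __name__ == "__main__":
    for sender in ("ap@acme-supplies.example", "ap@acrne-supplies.example",
                   "billing@northwind-logisitcs.example", "sales@other-vendor.example"):
        print(sender, classify_sender(sender))
```

A `lookalike` verdict is a reason to hold the request until it has been verified with the partner.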