What Makes Email Scammers Hard to Detect? By: CIO Advisor APAC
Cyber attacks are constantly on the increase. This article will help the users to know much more about scams. Read on these to learn more about these scams and the way to spot and avoid them. Every enterprise is vulnerable to scams and scammers. Cybercriminals modify their techniques as fast as cybersecurity organizations create new items and services. Fraud is a remarkable process in which enterprises lose money. The media is filled with histories about scams against individuals, but enterprises are just as likely to be fraud victims. According to researchers at Agari, an email scam is linked to cyber-criminals operating out of Nigeria. The Group known as Silent Starling, started in 2015 with romance scams and cheque scams and then advanced to wire transfer requests and gift card scams. Employing new attacks, the group has duped over 500 companies in 14 countries, with most of their victims from the U.S. and Canada. The group has scammed 700 employee email accounts and stole over 20,000 emails to help cash-out campaigns successfully. Top Risk and Compliance Solution Companies The scams begin with the hackers trying to steal email login credentials using phishing technique to redirecting the users to a spoofed version of tools like Office365 and other softwares. After gaining the credentials, the attacker’s login and set up a forwarding rule to automatically redirect copies of all the emails to separate accounts they control. Further, they inspect the contents of the emails to understand their victims. Also, email scammers set up alerts for keywords such as invoices and payments to gather information such as the actual sender’s language and this times of day they tend to be most active. Next they gain
access to the attachments and URLs used in the email to create a fraudulent invoice that looks completely legal. The invoice requests are precise because they will expect an invoice from the vendor. The only formation in the invoice is the bank details, which redirects the money to the cybercriminal bank account. These scams are more time and resource-consuming than a regular BEC campaign, but the reward is higher. These scams are stealthy, and they cannot be caught easily. In the meantime, the company can cross-check the outgoing payments to protect itself from these scams. #CIO Advisor APAC Scam #CIO Advisor APAC Scam #CIO Advisor APAC Scam