Added: Keshana Moyers - Date: 12.12.2021 17:55 - Views: 44316 - Clicks: 3782
You would think that after decades of analyzing and fighting spamthere'd be a fix by now for the internet's oldest hustle—the Nigerian Prince scam. In fact, groups of fraudsters in Nigeria continue to make millions off of these classic cons.
And they haven't just refined the techniques and expanded their targets—they've gained minor celebrity status for doing it. On Thursday, the security firm Crowdstrike published detailed findings on Nigerian confraternities, cultish gangs that engage in various criminal activities and have steadily evolved fraud into a reliable cash cow. The groups, like the notorious Black Axe syndicate, have mastered the creation of compelling and credible-looking fraud s.
The whole idea is why invest hundreds of thousands of dollars to build your own malware when you can just convince someone to do something stupid? And they've embraced this identity.
Advanced Nigerian groups have lately increased the amounts they make off with in each attack by targeting not just individuals but small businesses. With so many many third parties, clients, languages, time zones, and web domains involved in daily business, it can be difficult for a company with limited resources to separate out suspicious activity from the expected chaos.
Nigerian scammers will send tailored phishing s to a company to get someone to click a link and infect their computer with malware. From there, the attackers are in no hurry. They do reconnaissance for days or weeks, using key loggers and other surveillance tools to steal credentials to all sorts of s, figure out how a company works, and understand who handles purchasing and other transactions.
Eventually the scammers will settle on a tactic; they may impersonate someone within the company and attempt to initiate a payment, or they might pretend to be a company the victim contracts with and send the target an innocuous-looking invoice to pay. And the scammers rely on this sort of man-in-the-middle attack for all sorts of manipulations. They spend months sifting through inboxes.
In other situations, scammers will make Skype video calls to legitimize transaction requests, and use a still from a video they find of the employee they are impersonating to make it seem like the person is genuinely calling and the video is just lagging behind the audio.
After victims wire their money away, the scammers often route it through China and other Asian countries before moving it a few more hops and landing it in Nigeria. And then they do a phone call or something else to the victim to increase the credibility of the scam.
Law enforcement groups around the world, including the FBI, Interpol, and Canadian and Italian agencies, Nigerian scam email sample successfully indicted and arrest various kingpin scammers. But extensive jurisdictional issues make it an especially difficult problem for law enforcement. And many victims have little recourse once their money is gone. While Nigerian scammers take a different tack than hacking groups in Eastern Europe and Russia, researchers say they still pose a genuine threat. Researchers say that businesses should try to protect themselves with basic steps like updating software and adding two-factor authentication, so even if scammers steal credentials they can't wreak instant havoc.
Adding administrative controls to limit the types of s and attachments employees can receive can also screen out some phishes, and adding an indication when messages come from outside the company's own domain can help flag malicious s pretending to be from a colleague on a similar-looking server. Crowdstrike's Meyers also suggests that small businesses set requirements that multiple people off on large transactions.
She ly worked as a technology reporter at Slate magazine and was the staff writer for Future Tense, a publication and project of Slate, the New America Foundation, and Arizona State University. Senior Writer Twitter. Topics phishing Crime.Nigerian scam email sample
email: [email protected] - phone:(416) 812-2983 x 2431