Last year, the US FBI announced that between October 2013 and December 2016, organisations across 131 countries suffered as many as 40,203 successful Business Email Compromise (BEC) attacks which cost them £3.74 billion in total.
"The BEC/EAC scam continues to grow, evolve, and target small, medium, and large businesses. Between January 2015 and December 2016, there was a 2,370 percent increase in identified exposed losses. The scam has been reported in all 50 states and in 131 countries. Victim complaints filed with the IC3 and financial sources indicate fraudulent transfers have been sent to 103 countries," the premier US investigative agency noted.
A Business Email Compromise attack involves hackers injecting malicious attachments or URLs on e-mails to take control over enterprise IT systems or to target them with ransomware. Such attachments and links are cleverly disguised to make them appear as official documents, thereby luring employees to click on such URLs or to download infected attachments.
In a coordinated operation aimed at tracking down groups of cyber-criminals involved in large-scale BEC attacks, the FBI, the US Department of Justice, the Department of Homeland Security, the Department of the Treasury, and the US Postal Inspection Service arrested as many as 74 cyber criminals based in the US, Nigeria, Canada, Mauritius, and Poland.
According to the FBI, the six-month-long operation resulted in the seizure of nearly $2.4 million (£1.79 million) and the recovery of approximately $14 million (£10.4 million) in fraudulent wire transfers. Out of 74 cyber-criminals arrested by law enforcement agencies, 29 were based in Nigeria and 42 in the United States.
"A number of cases charged in this operation involved international criminal organisations that defrauded small- to large-sized businesses, while others involved individual victims who transferred high-dollar amounts or sensitive records in the course of business.
"Foreign citizens perpetrate many of these schemes, which originated in Nigeria but have spread throughout the world," said the FBI, adding that cyber-criminals used money mules on a large scale to receive stolen money and to transfer such money to other accounts.
"The devastating impacts these cases have on victims and victim companies affect not only the individual business but also the global economy. Since the Internet Crime Complaint Center (IC3) began formally keeping track of BEC and its variant, e-mail account compromise (EAC), there has been a loss of over US$ 3.7 billion (£2.8 billion) reported to the IC3," the agency added.
The success of Operation WireWire comes as a major shot in the arm for law enforcement agencies who have been observing a major rise in the commissioning of BEC attacks across the globe. According to new research from Agari, Nigerian hackers have been the most active in carrying out such attacks, targeting the largest corporations, small businesses, real estate agents, and even hospice care providers with sophisticated, commercially purchased malware.
According to Agari, 90 percent of organised crime groups that carry out BEC attacks are based in Nigeria, that the average payment requested across all BEC attacks is around £26,593, that BEC has the highest success rate of all attacks with 0.37 victims per 100 probes, that 24 percent of all email scams are BEC, and that BEC attacks have an expected profit of between £736 to £3,922 per answered probe.
Commenting on the rise in the number of BEC attacks that also include phishing techniques, Eyal Benishti, CEO and founder of Ironscales told SC Media UK that phishing techniques continue to be as effective for cyber-criminals as they were years ago and that criminals are using familiar subject matter to gain access to all sorts of valuable data and information.
"To combat this, focus must move down the stack to the recipients inbox, that harnesses both human detection and machine intelligence, to automate and respond at scale to these types of attacks. By examining user communications and meta data to establish a baseline, anomalies in communications are easily spotted and automatically flagged as suspicious, to help people make smarter and quick decisions regarding suspicious emails within the mailbox," he added.