Africa deploying offence-in-depth to fight BEC email fraud attacks

News by Edgar Rwakenya

Offence-in-depth approach likely to fight cyber-criminals exploiting the BEC/BES amid increasing attacks from west Africa, says research.

According to SecureWorks CTU, researchers who recently tried a new approach called “the offence-in-depth approach”, aimed at curbing business email compromise (BEC) and business email spoofing (BES) in west Africa, suggest that the approach is likely to address most of the BEC/BES cyber-attacks that are on the rise on the continent.

The approach, which uses three main factors to attack fraud, includes working with law enforcement to identify and arrest the criminals, but most of the effort is basically to waste the fraudsters' time and reduce their rewards by reporting “mule” bank accounts to be frozen, SecureWorks CTU researcher Joe Stewart told SC Media UK.

“The offense-in-depth approach involves disruption or stalling of scammers. So, the targets or defenders would aim to increase the attacker's risk levels and effort, while reducing the corresponding reward,” Stewart stated.

Since law enforcement lack sufficient time and funds to engage with each criminal, African countries can use the offence-in-depth approach and, instead of blocking, deleting or just reporting these emails, recipients could leverage their strength-in-numbers by replying and occupying the fraudster's attention for as long as possible, Stewart explained.

“While the offence-in-depth can be successful, it is up to the target to evaluate whether it is worth engaging with the attacker, Stewart added.

Inadequate funding plus legal and regulatory policy issues are other factors fueling cyber-crime in the region which pose a great risk to economic growth, said Ikechuchu Nnamani, president of Demadiur Systems Nigeria.

“Regional partnerships with global players can be the possible way to provide solutions and approaches to address identified cyber-security problems in Africa,” Ikechuchu noted.

According to a recently published joint Interpol-Trend Micro report, Western Africa's cyber-criminals, using compromised business email addresses to intercept and spoof in-office communications, have targeted businesses more than individuals. The most targeted industry was manufacturing followed by a long list of other industries including food and beverage, transportation and healthcare.

“While there is not yet an actual underground marketplace, cyber-crime is pervasive in west Africa. Both the approach to cyber-crime and the manner in which threat actors communicate lead to a cyber-criminal ecosystem unlike any other we've experienced thus far,” Raimund Genes, chief technology officer at Trend Micro, said.

The study also revealed that in west Africa, an average of $2.7 million (£2.2 million) is stolen from businesses, compared with $422,000 (£341,000) from individuals. Criminals appear to be using advanced tools dedicated to harvesting email addresses from websites such as Bulk Email Extractor and GSA Email Spider among others.

Over $3 billion (£2.43 billion) has been lost to cyber-criminals exploiting the BEC/BES cyber-attacks in the last three years, the report added.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews