Bengaluru: FireEye Inc., a malware protection company, has revealed details of an active online payment-diversion campaign that targets SMBs in non-English-speaking nations. The company also traced those responsible to a Nigerian group whose scheme is a modern twist on 419 scams. The cyber security firm also revealed that over 45 percent of the victims were from India, with many others from Indonesia and Vietnam. The aim of the scam was to divert the victims' legitimate, ongoing payment transactions to the group's account, and it was also observed that a scammer could easily collect over $1 million in a single transaction.
Unlike other cyber criminal groups, these scammers depend on third-party providers for documentation, tutorials and malicious software to execute their attack. Through these tools, the group gains access to the victim's computer, then downloads and installs a malware file that helps the group track the victim's online transactions. Once the group identifies a potential victim, they log in to the victim's accounts using the stolen information and pick only the transactions that are legitimate and easy to hijack.
The group then buys domains and creates fake email accounts that look similar to the buyer's and seller's accounts, copies the ongoing conversation into the newly created fake accounts, and continues the conversation from there. Once they have access to both sides of the conversation, they send the buyer 'updated' bank details, which actually belong to the scammers.
“Cyber attacks are creating big challenges for large organizations in India. Unfortunately, smaller firms aren’t immune from these attacks. As firms move online to do business, they become exposed to a wide array of attackers,” says Ramsunder Papineni, Regional Director for India, FireEye. “This report shows cyber security isn’t only a technology problem; organizations are also up against people who will act on intelligence to achieve their objectives,” he added.
Founded in 2004 by Ashar Aziz, FireEye is the leader in alleviating the new breed of cyber attacks, such as advanced malware, that easily bypass traditional signature-based defenses and compromise the majority of enterprise networks. The FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 3,700 customers across 67 countries, including 675 of the Forbes Global 2000.