Another case of ‘the biter bit’: for The Register, Richard Chirgwin describes a “‘Nigerian scammer’ busted after he infected himself with malware – Researchers able to watch wire-fraudsters operate in real time”.
Apart from the Schadenfreude many of us experience when a scammer shoots himself in the foot, it’s worth reading the article for the summary of how the ‘wire-wire’ scam works. Chirgwin considers this to be a variation on a family of scams described earlier this year by the FBI: “FBI Warns of Dramatic Increase in Business E-Mail Scams”.
The Register’s article is based on a comprehensive analysis by Joe Stewart and James Bettke for SecureWorks, “Wire Wire: A West African Cyber Threat”.
The report describes how practitioners of the traditional 419 scam, based on simple social engineering, have moved towards two more technically sophisticated types of this particular scam:
- Business email compromise (BEC) — Hijacking an email account or an email server to intercept business transactions and redirect payments
- Business email spoofing (BES) — Sending spoofed email from an external account pretending to be a company executive authorizing an irregular payment transaction