Application security, Threat Management, Network Security

Nigeria-based BEC scams pulling in millions, SecureWorks report

A transfer of $400,000 was redirected to a group of Nigerian hackers.

This was just one example detected by SecureWorks, which has been studying the business email compromise, or BEC, trend and issued a new report. The increasingly common form of social engineering attack sends phony emails that appear to come from a legitimate source and target individuals who are duped into authorizing transfers of funds.

In this case, the perps were a 30-member group that SecureWorks dubbed Wire-Wire Group 1 (WWG1), an escalation of the "Nigerian prince" and "419" con man scams. 

"The threat actors added a rule to the employee's email to redirect all future email from the U.S. company to the attacker's email account," the report found.

Campaigns like this one are raking in $6 million annually. In April, the FBI said nearly 18,000 victims had reported BEC scams in the past three years, resulting in the loss of $2.3 billion.

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds