Scam revealed after con artists infect network with their own malware
You’ve probably heard about fake invoice scams where con artist sends out millions of phishing emails to businesses. The emails have invoices attached which the scammers hope the businesses will pass on to their accounts department without questioning the source. The problem is, as more and more people become aware of the scam, how do con artists convince their victims to pass on the invoice?
In the new “wire-wire” scam, Nigerian swindlers are bombing business with phishing emails with malware links and attachments. The recipient opens the email and infects their computer. The scammers then use the infected computer to send more emails within the company, infecting more computers.
Eventually, they use the infected computers to send internal requests for money to be transferred or invoices to be paid. Because the call is coming from inside the house, no one thinks to question the invoice.
The new version of the scam was only uncovered when the scammers accidentally infected their own network, recorded all of their keystrokes and interactions.
That data was uploaded to a file-sharing network that the SecureWorks researchers were able to monitor and learn from.
The SecureWorks study claimed:
Bettke and Stewart estimate the group they studied has at least 30 members and is likely earning a total of about $3 million a year from the thefts. The scammers appear to be “family men” in their late 20s to 40s who are well-respected, church-going figures in their communities. “They’re increasing the economic potential of the region they’re living in by doing this, and I think they feel somewhat of a duty to do this,” Stewart says.
Nicholas J. Johnson is a Melbourne magician, author of collector of scams.