A Nigeria-based hacker group called “London Blue” has compiled a list of thousands of CFOs of businesses including top banks and mortgage lenders, and is trying to scam the executives into sending them company funds.
The hackers are employing a scam known as “business email compromise” (BEC), according to a CNN report. In that scam, attackers use email to pose as a company executive such as the CEO and request that money be transferred to an outside account. The FBI estimates that between 2013 and 2018, fraudsters using the email scam stole more than $12 billion from businesses worldwide.
The London Blue scam was detailed in a report by cybersecurity firm Agari, which investigated the hackers after coming under attack itself, CNN reported. Agari said that targets of the scam range from “small businesses to the largest multinational corporations.” More than half are in the United States.
There are 50,000 finance executives on the hackers’ target list, according to Agari – with banks and mortgage companies heavily featured.
“Several of the world’s biggest banks had dozens of executives listed,” Agari said in its report. “The group also singled out mortgage companies for special attention, which would enable scams that steal real estate purchases or lease payments.”
“Banks, mortgage lenders and other financial corporations need to remain extremely vigilant to this kind of activity,” Ryan Wilk, vice president of customer success for NuData Security, said in an email to MPA. “BEC fraud can be incredibly difficult to spot, as these hackers will take the time to make their attempt as accurate as possible using social engineering – learning job titles and names of key decision-makers with tools such as LinkedIn and Twitter. CFOs and other potential targets of this campaign should use extreme caution when clicking on unsolicited email links, and should flag the email with the decision-maker it allegedly came from if it seems in any way unusual.”