sb-nz logo
Story image

When imitation is not the sincerest form of flattery

13 Apr 2017

The huge cost of cybercrime was once again graphically illustrated a few weeks ago by a story on the BBC of a hacker who allegedly used phishing techniques and fake websites to steal over $100m from two major U.S. companies.

According to the U.S. Department of Justice, the Lithuanian man allegedly set up a bogus company, which bore the same name as a legitimate Asian-based computer hardware manufacturer, and used the front to syphon off money from two major US companies between 2013 and 2015.

The attacker allegedly registered the bogus company in Latvia and opened various accounts in its name at several banks around the world.

He then is reported to have sent fraudulent phishing emails to employees and agents of the victim companies, which regularly conducted multimillion-dollar transactions with the cloned company, and got them to send money to bank accounts set up around the world for goods and services.

If you wanted a graphic illustration of why there is such an active and motivated cybercrime underworld, it’s here - $100 million worth of illustration!

Malicious actors have a range of motivations, including geopolitical, ideaological and espionage purposes. However, it is the financially-motivated cybercriminals we commonly see targeting the organizations we work with. These actors will go wherever the money is. Pure and simple.

It also ably demonstrates the threat posed by fake websites, companies and brands to legitimate businesses around the world. 

The trouble is it is easy to set up these resources, but it’s not always easy to identify them and act against them quickly and before they can have an impact. Intelligence is critical in these cases; the sooner you know about the threat, the sooner can you do something about it and protect your business.

But knowing the risk posed by your digital footprint is critical in today’s business environment. Companies need to be aware of the risks posed by malicious typosquatting and impersonation in support of targeted attacks. This is where attackers use domain names that are like a legitimate company to launch a wide variety of online fraud including phishing campaigns. 

Early detection of these domains is critical to helping organizations identify threats specific to their business so that they can quickly act to remove or neutralize them.

In one case, I have worked with a U.S. based global brand was targeted by another company with 50 typosquat domains, which went undiscovered for some time. In a second instance, we detected 30 active phishing sites targeting a client’s brand and detected customer and employees’ details being shared and sold on IRC channels. 

Early detection and effective intelligence is critical in today’s digital world to mitigate the risks created by today’s connected world. This case yet again shows why this is so important.

Article by Alastair Paterson, CEO and co-founder, Digital Shadows.

Story image
Attack from DOS: In Zero We Trust
In combination with malware, DDoS attacks on banks have been used to cause distraction so the transfer of stolen funds goes unnoticed. More
Story image
Report: Power utilities increasingly at risk of devastating cyber-attacks
“Utilities’ existing systems are becoming increasingly connected through sensors and networks, and, due to their dispersed nature, are even more difficult to control.”More
Story image
Why IT and HR must work together to help businesses weather the storm
Employers are striving to balance team productivity, security and employee engagement. If remote work is the new norm, it’s impossible to ignore the challenging nature of the situation, writes Gigamon manager for A/NZ George Tsoukas.More
Story image
Gartner names ThreatQuotient a representative vendor for SOAR
The company is listed in Gartner’s 2020 Market Guide for Security Orchestration, Automation and Response Solutions.More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More