sb-as logo
Story image

When imitation is not the sincerest form of flattery

13 Apr 2017

The huge cost of cybercrime was once again graphically illustrated a few weeks ago by a story on the BBC of a hacker who allegedly used phishing techniques and fake websites to steal over $100m from two major U.S. companies.

According to the U.S. Department of Justice, the Lithuanian man allegedly set up a bogus company, which bore the same name as a legitimate Asian-based computer hardware manufacturer, and used the front to syphon off money from two major US companies between 2013 and 2015.

The attacker allegedly registered the bogus company in Latvia and opened various accounts in its name at several banks around the world.

He then is reported to have sent fraudulent phishing emails to employees and agents of the victim companies, which regularly conducted multimillion-dollar transactions with the cloned company, and got them to send money to bank accounts set up around the world for goods and services.

If you wanted a graphic illustration of why there is such an active and motivated cybercrime underworld, it’s here - $100 million worth of illustration!

Malicious actors have a range of motivations, including geopolitical, ideaological and espionage purposes. However, it is the financially-motivated cybercriminals we commonly see targeting the organizations we work with. These actors will go wherever the money is. Pure and simple.

It also ably demonstrates the threat posed by fake websites, companies and brands to legitimate businesses around the world. 

The trouble is it is easy to set up these resources, but it’s not always easy to identify them and act against them quickly and before they can have an impact. Intelligence is critical in these cases; the sooner you know about the threat, the sooner can you do something about it and protect your business.

But knowing the risk posed by your digital footprint is critical in today’s business environment. Companies need to be aware of the risks posed by malicious typosquatting and impersonation in support of targeted attacks. This is where attackers use domain names that are like a legitimate company to launch a wide variety of online fraud including phishing campaigns. 

Early detection of these domains is critical to helping organizations identify threats specific to their business so that they can quickly act to remove or neutralize them.

In one case, I have worked with a U.S. based global brand was targeted by another company with 50 typosquat domains, which went undiscovered for some time. In a second instance, we detected 30 active phishing sites targeting a client’s brand and detected customer and employees’ details being shared and sold on IRC channels. 

Early detection and effective intelligence is critical in today’s digital world to mitigate the risks created by today’s connected world. This case yet again shows why this is so important.

Article by Alastair Paterson, CEO and co-founder, Digital Shadows.

Story image
UiPath and eSentire bring hyperautomation to Microsoft Security
UiPath and eSentire have announced a strategic partnership to deliver end-to-end security policy automation across multiple Microsoft Security services.More
Story image
Why best-practice threat data management provides confident automation
Understanding an organisation’s threat landscape requires having both the right threat data sources and the proper prioritisation to derive actionable threat intelligence for your organisation. More
Story image
Surfshark rolls out WireGuard open source VPN protocol
When there is less code in a VPN, it is less susceptible to security vulnerabilities due to easier configuration and management, according to Surfshark.More
Story image
Financial institutions in APAC region to invest millions in fraud prevention
"The pandemic is creating a lot of uncertainty, but the majority of FIs in APAC recognise that an end to end fraud management platform is strategic to differentiating themselves from the highly disruptive landscape they are playing in."More
Story image
Cybersecurity market continues meteoric ascent
With the increase in cyberattacks, organisations are continuing to spend more money on security. However, without a focused cybersecurity strategy, they often spend it in the wrong areas.More
Story image
Security and operations collaboration key to success post COVID-19
“We are in an ultra-hybrid world with multi-everything, and in order to successfully navigate this landscape, ITOps, DevOps, and SecOps teams need to more closely align."More