In a recent highly targeted BEC attack, hackers managed to trick three British private equity firms into wire-transferring a total of $1.3 million to the bank accounts fraudsters have access to — while the victimised executives thought they closed an investment deal with some startups.
According to the cybersecurity firm Check Point, who shared its latest investigation with The Hacker News, nearly $700,000 of the total wire transferred amount has permanently lost to the attackers, with the rest of the amount recovered after researchers alerted the targeted firms in time.
Dubbed ‘The Florentine Banker,’ the sophisticated cybercrime gang behind this attack, “seems to have honed their techniques over multiple attacks, from at least several years of activity and has proven to be a resourceful adversary, quickly adapting new situations,” the researchers said.
‘The techniques they use, especially the lookalike domains technique, present a severe threat — not only to the originally attacked organisation but also to the third-parties with whom they communicated using the lookalike domain.’
The security firm said previous spear-phishing campaigns launched by the same group of hackers mainly targeted the manufacturing, construction, legal, and finance sectors located in the US, Canada, Switzerland, Italy, Germany, and India, among others.
images from Hacker News