Security News > 2020 > April > Hackers Trick 3 British Private Equity Firms Into Sending Them $1.3 Million

In a recent highly targeted BEC attack, hackers managed to trick three British private equity firms into wire-transferring a total of $1.3 million to the bank accounts fraudsters have access to - while the victimized executives thought they closed an investment deal with some startups.

According to the cybersecurity firm Check Point, who shared its latest investigation with The Hacker News, nearly $700,000 of the total wire transferred amount has permanently lost to the attackers, with the rest of the amount recovered after researchers alerted the targeted firms in time.

The fraud scheme, which has since caught three UK and Israeli based finance firms in the net, works by sending phishing emails to high profile individuals in the target organization to gain control of the account and carry out extensive reconnaissance to understand the nature of business and the key roles inside the company.

Aside from infiltrating the high-level corporate email account and monitoring messages, the hackers register separate lookalike domains that mimic the legitimate domains of the entities involved in the email correspondences they want to intercept, thus allowing them to perpetrate a MITM attack by sending emails from the fraudulent domains on behalf of the two parties.

FBI Sounds Warning Against BEC Attacks Business email compromise attacks have surged in recent years as organized cybercrime groups try to profit off email scams directed against big businesses.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/aQNnf4tJ4U8/bec-scam-wire-transfer-money.html