Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Nigerian Cybercriminals Target Firms Worldwide in BEC Campaign

Researchers at Trend Micro have been monitoring a business email compromise (BEC) campaign aimed at companies from all around the world.

Researchers at Trend Micro have been monitoring a business email compromise (BEC) campaign aimed at companies from all around the world.

The campaign, dubbed by experts Olympic Vision based on a piece of malware used by the attackers, is believed to be run by two Nigerian cybercriminals — one located in Lagos, Nigeria’s largest city, and one in Kuala Lumpur, the capital of Malaysia.

According to the security firm, the cybercriminals target organizations in sectors such as manufacturing, real estate and construction from the Asia Pacific region (38 percent), Europe and the Middle East (38 percent), and North America (22 percent). The list of targeted countries includes Canada, the United States, China, Indonesia, Malaysia, Thailand, Germany, the Netherlands, Slovakia, Spain, the United Kingdom, Iran, Iraq, Qatar, Saudi Arabia, UAE, and the African country Zimbabwe.

In BEC attacks, cybercriminals compromise the targeted organization’s business email accounts, particularly ones of executives and employees in charge of wire transfers. This access is used to obtain information and manipulate employees into transferring large amounts of money to bank accounts controlled by the fraudsters.

In the campaign observed by Trend Micro, the attackers sent urgent-sounding emails in an attempt to trick potential victims into installing a piece of malware dubbed Olympic Vision. The threat, whose toolkit can be acquired for only $25, allows attackers to steal various types of information from the infected device, including saved credentials from browsers and email clients, Windows product keys, keystrokes, network information, screenshots, and images and text from the clipboard.

Such information helps the cybercrooks hijack email accounts and increase the efficiency of their social engineering schemes when they attempt to trick victims into wiring money.

Advertisement. Scroll to continue reading.

Trend Micro says it has uncovered the identities of the two Nigerian suspects and has been working with law enforcement to crack down on their activities.

BEC scams are increasingly common and the FBI issued a warning last year to inform companies about the threat. According to the agency, more than 7,000 companies in the United States had been affected by such scams since 2013, totaling losses of more than $740,000.

One recent example of a successful BEC attack involves aircraft parts manufacturer FACC AG, which lost roughly $54 million after cybercriminals targeted its accounting department.

A study conducted recently by email services provider Mimecast showed that while 64 percent of IT security professionals view email as a major threat to their business, 65 percent don’t feel properly equipped to handle potential attacks. In fact, one third of the 600 experts who took part in the survey said their email had been more vulnerable compared to five years ago.

Related: Seagate Employee Tax Forms Stolen in Phishing Attack

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

James Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.

Rafal Los has joined Binary Defense as Chief Strategy Officer.

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.