Connect with us

Hi, what are you looking for?



Nigerian Cybercriminals Target Firms Worldwide in BEC Campaign

Researchers at Trend Micro have been monitoring a business email compromise (BEC) campaign aimed at companies from all around the world.

Researchers at Trend Micro have been monitoring a business email compromise (BEC) campaign aimed at companies from all around the world.

The campaign, dubbed by experts Olympic Vision based on a piece of malware used by the attackers, is believed to be run by two Nigerian cybercriminals — one located in Lagos, Nigeria’s largest city, and one in Kuala Lumpur, the capital of Malaysia.

According to the security firm, the cybercriminals target organizations in sectors such as manufacturing, real estate and construction from the Asia Pacific region (38 percent), Europe and the Middle East (38 percent), and North America (22 percent). The list of targeted countries includes Canada, the United States, China, Indonesia, Malaysia, Thailand, Germany, the Netherlands, Slovakia, Spain, the United Kingdom, Iran, Iraq, Qatar, Saudi Arabia, UAE, and the African country Zimbabwe.

In BEC attacks, cybercriminals compromise the targeted organization’s business email accounts, particularly ones of executives and employees in charge of wire transfers. This access is used to obtain information and manipulate employees into transferring large amounts of money to bank accounts controlled by the fraudsters.

In the campaign observed by Trend Micro, the attackers sent urgent-sounding emails in an attempt to trick potential victims into installing a piece of malware dubbed Olympic Vision. The threat, whose toolkit can be acquired for only $25, allows attackers to steal various types of information from the infected device, including saved credentials from browsers and email clients, Windows product keys, keystrokes, network information, screenshots, and images and text from the clipboard.

Such information helps the cybercrooks hijack email accounts and increase the efficiency of their social engineering schemes when they attempt to trick victims into wiring money.

Trend Micro says it has uncovered the identities of the two Nigerian suspects and has been working with law enforcement to crack down on their activities.

BEC scams are increasingly common and the FBI issued a warning last year to inform companies about the threat. According to the agency, more than 7,000 companies in the United States had been affected by such scams since 2013, totaling losses of more than $740,000.

Advertisement. Scroll to continue reading.

One recent example of a successful BEC attack involves aircraft parts manufacturer FACC AG, which lost roughly $54 million after cybercriminals targeted its accounting department.

A study conducted recently by email services provider Mimecast showed that while 64 percent of IT security professionals view email as a major threat to their business, 65 percent don’t feel properly equipped to handle potential attacks. In fact, one third of the 600 experts who took part in the survey said their email had been more vulnerable compared to five years ago.

Related: Seagate Employee Tax Forms Stolen in Phishing Attack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.


People on the Move

Satellite cybersecurity company SpiderOak has named Kip Gering as its new Chief Revenue Officer.

Merlin Ventures has appointed cybersecurity executive Andrew Smeaton as the firm’s CISO-in-Residence.

Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors at OpenAI.

More People On The Move

Expert Insights