Researchers have uncovered a Nigerian hacking ring which targets maritime shipping firms in order to try and steal millions of dollars on an annual basis.
On Wednesday, security experts from the Secureworks Counter Threat Unit (CTU) said that the previously unidentified “Gold Galleon” threat group specializes in business email compromise (BEC) and business email spoofing (BES) fraud to dupe their victims into parting with funds.
In a blog post, CTU said that instead of spamming and targeting companies en masse, Gold Galleon focuses on global maritime shipping businesses and their customers.
The researchers estimate that between June 2017 and January 2018, the hackers attempted to steal upwards of $3.9 million, and on average, fraud attempts may reach attempted theft levels of $6.7 million per year.
BEC and BES scams are more sophisticated than your average spam email. Spearphishing, in which messages are crafted to appear to be legitimate employees, contacts, or other companies, are utilized to lure victims into a false sense of security.
By appearing legitimate, these kinds of scams will often attempt to persuade users to download malicious documents containing malware payloads or to visit malicious web pages which harvest credentials.
When these credentials are stolen, threat actors can then intercept genuine business email exchanges, alter orders or financial details, and quietly reap the rewards.