sb-au logo
Story image

When imitation is not the sincerest form of flattery

13 Apr 2017

The huge cost of cybercrime was once again graphically illustrated a few weeks ago by a story on the BBC of a hacker who allegedly used phishing techniques and fake websites to steal over $100m from two major U.S. companies.

According to the U.S. Department of Justice, the Lithuanian man allegedly set up a bogus company, which bore the same name as a legitimate Asian-based computer hardware manufacturer, and used the front to syphon off money from two major US companies between 2013 and 2015.

The attacker allegedly registered the bogus company in Latvia and opened various accounts in its name at several banks around the world.

He then is reported to have sent fraudulent phishing emails to employees and agents of the victim companies, which regularly conducted multimillion-dollar transactions with the cloned company, and got them to send money to bank accounts set up around the world for goods and services.

If you wanted a graphic illustration of why there is such an active and motivated cybercrime underworld, it’s here - $100 million worth of illustration!

Malicious actors have a range of motivations, including geopolitical, ideaological and espionage purposes. However, it is the financially-motivated cybercriminals we commonly see targeting the organizations we work with. These actors will go wherever the money is. Pure and simple.

It also ably demonstrates the threat posed by fake websites, companies and brands to legitimate businesses around the world. 

The trouble is it is easy to set up these resources, but it’s not always easy to identify them and act against them quickly and before they can have an impact. Intelligence is critical in these cases; the sooner you know about the threat, the sooner can you do something about it and protect your business.

But knowing the risk posed by your digital footprint is critical in today’s business environment. Companies need to be aware of the risks posed by malicious typosquatting and impersonation in support of targeted attacks. This is where attackers use domain names that are like a legitimate company to launch a wide variety of online fraud including phishing campaigns. 

Early detection of these domains is critical to helping organizations identify threats specific to their business so that they can quickly act to remove or neutralize them.

In one case, I have worked with a U.S. based global brand was targeted by another company with 50 typosquat domains, which went undiscovered for some time. In a second instance, we detected 30 active phishing sites targeting a client’s brand and detected customer and employees’ details being shared and sold on IRC channels. 

Early detection and effective intelligence is critical in today’s digital world to mitigate the risks created by today’s connected world. This case yet again shows why this is so important.

Article by Alastair Paterson, CEO and co-founder, Digital Shadows.

Story image
Kaspersky ranked number one in channel partner satisfaction
“Being recognised for the second consecutive year as the number one cybersecurity vendor for channel satisfaction, reflects the investment we have made in the Kaspersky United partner program over the past two years."More
Story image
Research reveals increase in critical, low complexity vulnerabilities
2020 saw a large spike in physical and adjacent vulnerabilities, likely due to the proliferation of IoT and smart devices in use and being tested by researchers.More
Story image
VPNs and zero trust security don't mix - Zscaler report
93% of organisations surveyed have deployed some kind of VPN, yet 94% know that VPNs are a popular target for cybercriminals.More
Story image
Organisations investing significant time modifying web application firewalls to keep ahead of cybersecurity threats
"The sheer amount of traffic and potential threats can ensnare resources and impact the ability to introduce greater precision to those key systems."More
Story image
Cyber-risk to critical infrastructure reaches all-time high — report
New research from Nozomi Networks Labs found that attackers are doubling down on high-value targets and weaponising the software supply chain.More
Story image
Creating a strong culture of security within organisations
CISOs worldwide are inherently aware of how significant investment in cybersecurity strategies and technologies can bolster an organisation’s protection against cyberattacks. However, many overlook the importance of culture when it comes to cybersecurity.More