Nigerian Scammer Infects Himself with His Own Malware
Cernescu Andrei / 4 years ago
Email scammers have been around for a long time, and it’s not likely that we’ll be rid of them anytime soon. However, more and more people are becoming aware of their activities and are much more careful about what links they click when they receive emails, which is why these scammers need to think outside the box and come up with increasingly advanced ways to trick us. Recently, researchers have uncovered a new “wire-wire” technique that earned as much as $3 million per year for a Nigerian group that includes about 30 members. What’s interesting about this method is that it allowed scammers to target a group of publicly available emails and try to infect them with malware, and when they actually got a hit, they were able to access the victim’s email accounts in order to identify potential suppliers or clients that they were in business with.
Emails with invoices were the primary targets, as the group members were able to simply swap the victim’s details with their own. Until a delivery or payment was marked as overdue, neither the client or the business knew that something went wrong, which made the technique particularly difficult to trace. In a bit of an ironic twist, SecureWorks security experts Joe Stewart and James Bettke were alerted to this kind of attack in February when they found a keylogger that was sending unsecured data to an open web server.
Apparently, the leader of the aforementioned Nigerian group accidentally infected his own computer with the malware, which allowed the experts to find out who was behind the attacks and what kind of tools they were using. Fortunately, Nigeria’s Economic and Financial Crimes Commission has been notified, and reports suggest that there is at least one current active investigation going on.