Cybercriminals based in Nigeria are reportedly launching wire fraud attacks against U.S. companies, with private sector companies alerted to the potential threat, according to security firm TrustedSec. A number of U.S. companies are dealing with data breaches, while scores of others aren't even aware they've been affected.
The criminals are compromising third-party vendor or partner email accounts - specifically for accounting and invoicing - register a domain name to closely mimic the compromised company, and then the criminals will request refunds, lines of credit, or change orders. Sometimes this doesn't work, and they resort to email spoofing - all in an effort to get money wired from the impacted company to the criminals.
"The scary part with this one is that they are using already trusted third parties and already have knowledge of certain financials from these companies," said David Kennedy, TrustedSec founder, in a statement to SCMagazine. "The wire transfers are initiated because they already have a trust relationship with the company."