Evolution of Email Fraud - New Tactics and Techniques used by Hackers to Hijack Information

Rui Serra By Rui Serra • January 25, 2019

As is unfortunately always the case, hackers and other people with malicious intent keep on improving their methods of illegally hijacking people’s information. That also prompts companies to develop new and more effective ways for email security, as well as in other areas of cybersecurity.

This blog post talks about this evolution of email fraud that’s the primary cause for security improvements. As you will see, it is sometimes enough to use proven methods and a little strategy, to conduct hacking campaigns against their favorite target organizations with the aim of infecting victims and stealing data.

The New Threat from the ‘SilverTerrier’ Group

The group calling themselves SilverTerrier is a small operation of Nigerian cybercriminals who have access to a number of malware families, as well as remote-access Trojans (RATs).

The latest research has shown they have orchestrated more than 181,000 attacks using 15 different families of malware in 2017. They also send over 17,600 spam emails every month.

The group does send a substantial number of attacks, and most of them are not very sophisticated. However, they have started trying out newer methods, like using more modern RATs and tools that manage to capture keystrokes, spy on you through webcams, and gaining remote access to a computer. These methods have enabled them to start collecting massive amounts of data which they later use to improve their attacks. Only time will tell what the new and useful means of email fraud they will develop soon.

The Ever-Looming Threat of Business Email Compromise

Business email compromise (BEC) is nothing special or revolutionary in the world of cybercrime. However, it’s the use of several simple hacking methods that are making it possible and a huge problem for businesses across the globe.

The problem with BEC is the fact that anyone can do it, and that it only involves creating a convincing-enough email which will trick at least one business person out of many. The problem thus lies in the fact that more and more hackers are using this method and more phishing emails of this type are sent every day.

Consider this number – FBI reported in May 2017 that the global BEC ‘industry’ was worth $5.3 billion.

Additionally, it’s not all about the quantity, the effectiveness of BEC sometimes lies in the quality as well. Many hackers go to great lengths to research their target and find the perfect way of stealing their information. They carefully design the emails they are going to send, and they find ways to make them extremely personalized with the goal of tricking only a single CEO. With the previously mentioned BEC industry worth, it seems that this is working very well for them.

Key Takeaways

These kind of threats and frauds are here to stay it seems, but will also continue to evolve and increase the need for better security against email attacks. All you can do is raise awareness in your company about its effectiveness, how it works, and what the employees can do to protect the company’s information.

Additionally, your company should look into developing better email security tactics, and purchasing the right email security software, that can effectively protect your business from advanced threats.

Anubis Networks