by Raimund Genes
In the fight against global cybercrime it can be pretty depressing sometimes reading the daily headlines. Whether it’s the discovery of yet another major targeted attack campaign, banking trojan, ransomware family or data breach, most news is bad news. So we’re delighted to be able to strike a blow for the white hats with news that Trend Micro’s collaborative efforts with Interpol and Nigerian officers have reaped a significant reward.
Our work has led to the arrest of a suspected online fraud mastermind behind countless whaling, 419 and romance scams.
Online fraud is nothing new. The infamous 419 scam has been around almost as long as email itself. Over the years, the fraudsters have expanded their repertoire to trick more and more vulnerable internet users out of their hard earned money.
The latest in this long line of online scams is the Business Email Compromise (BEC), or whaling attack. Typically it involves an attacker spoofing their email to make it appear to come from the CEO or CFO of a major company. They might do some research on LinkedIn or similar to find out exactly who to target in an organisation – usually a senior member of the accounts payable team. Then it’s just a case of sending them an email, pretending to be that C-level exec and requesting the transfer of a large amount of corporate funds to an external bank account. It sounds too obvious to actually work, but work it has. In fact, the FBI claimed in June that BEC scams have caused damages of over $3 billion over the past three years.
That’s why we’re delighted to see our efforts with Interpol and Nigeria’s Economic and Financial Crime Commission (EFCC) have led to the arrest of a 40-year-old Nigerian national named “Mike” who is alleged to have conned more than $60m from various companies over the years. We analysed the command and control structure related to malware used in some BEC scams to track down his location, before handing over the info to law enforcers.
It’s the latest in a growing list of wins for Trend Micro and police forces around the world. In November 2015, for example, two people were arrested on suspicion of offering services to help criminals overcome and avoid anti malware software, after a joint operation between ourselves and the UK National Crime Agency.
Partnering for success
Collaboration like this is vital in the ongoing fight against global cybercrime. Why? Because law enforcement is stretched to the limit in terms of the technical and human resources needed to tackle a growing, determined and highly dispersed adversary. That’s where industry players like Trend Micro really come into their own. Specifically, we can offer intelligence gleaned from our global network of threat researchers, alongside the Smart Protection Network – which analyses and blocks over 250 million threats each day.
We’ll be discussing this in more detail at our CLOUDSEC event in London in September. At the one-day conference there’ll be a panel debate featuring Philipp Amann, head of strategy at Europol’s European Cybercrime Centre (EC3); FBI supervisory special agent, Timothy Wallach; and former CIA CTO, Bob Flores. It’ll be a fantastic opportunity to learn more from experts in their field on how law enforcers, academics, industry and other players can maximise their efforts in the fight against global cybercrime. That’s just one of the highly anticipated sessions at CLOUDSEC, which will kick off with some fascinating insights from the EMEA head of our Forward Looking Threat Research Team, Robert McArdle.
CLOUDSEC will be packed from start to finish by must-see presentations, panel debates and networking opportunities. So check out the below and register for a place today.
What: CLOUDSEC UK 2016
Where: Park Plaza, Westminster Bridge Rd, London SE1 7UT
When: Tuesday, 6 September 2016