FireEye Labs discovered an active operation of a group of cybercriminals involved in several payment diversion scams. This type of scam targets legitimate business transactions, which allows the scammer to divert funds to a bank account they control without the victim realizing.
Today, we release a new report “An Inside Look into the World of Nigerian Scammers” documenting the activities of a group of cybercriminals located in Nigeria. Despite their rudimentary methods, their techniques prove to be quite effective with at least one of their scams pulling in over $1 million dollars.
In observing this group, we get a rare glimpse into their day-to-day operations, which help us gain a better understanding of how such an organization is constructed. We examine how the scammers purchase exploits/malware from the underground and use e-commerce portals such as Alibaba to search and identify their victims. From there, we follow their footsteps as the scammers infect and study their victims before finally hijacking their business transactions.
The complete report can be downloaded here.