Spoofed emails and malware hidden in attachments have netted crooks in West Africa more than $3bn from businesses in three years.
That's according to research carried out by the International Criminal Police Organization (Interpol) and infosec biz Trend Micro. Forget claims of money stuck in bank accounts. Scammers are now raking it in from so-called business email compromise (BEC) schemes, according to the security team.
A BEC crook sends authentic-looking invoices and internal memos to businesses and their finance staff, tricking the employees into paying money into the thieves' accounts. The messages can also be booby-trapped with malware that infects work PCs and logs keystrokes. The captured credentials are then used to log into the company's online bank account and transfer money into the criminals' pockets.
The Interpol-Trend study found that between October 2013 and May 2016, BEC scammers walked off with more than $3bn having exploited the technique globally.
Such frauds are becoming a serious pain in the fundament: the FBI warned last year that they had siphoned over $1bn from American companies. Victims of BEC scams included the city of El Paso, in Texas, America, which got scammed out of $3.2m, and Austrian engineering firm FACC, which lost over $54m. Much of the money in both cases has now been recovered – but by no means all of it, and the problem is getting worse.
"West African cybercriminals are clearly shifting to more elaborate crimes, complex operations, and business models – BEC and tax fraud, in particular," the report [PDF] states.
"Armed with their social engineering expertise and ingenuity, and augmented by tools and services (keyloggers, RATs, crypters, counter-AV services, etc), West African cybercriminals are stealing large amounts of money via crimes targeting individuals and companies worldwide."
Quite why West Africa is such a hotspot for online crime isn't hard to work out – education and motive. Around half of all university graduates in West Africa are unemployed a year after graduation and so the lure of crime is strong.
It's now so established in some cultures that it has entered the pantheon of religion in Ghana, under the name Sakawa. The fraudsters make offerings to a supreme being that will protect their fraud from being discovered and ensure good fortune.
The study identified two big gangs working in the regions. The first, known as the Yahoo! Boys, concentrate largely on the traditional types of fraud like 419 scams – where an online figure (typically a bogus Nigerian prince or foreign lawyer) promises a big payout if the victim coughs up fees to free up the supposed fortune.
The Yahoo! Boys – so named because until recently they used the failing portal's chat tools to coordinate their scams – also carry out romance scams, forming faux relationships with the lonely and then 'borrowing' money for plane tickets to consummate the relationship. Another is the so-called "send money" scam, whereby they pretend to be a foreign traveler who has been mugged and needs funds from friends and family.
Typically members of the Yahoo! Boys are in their twenties, like to show off their wealth on social media, and operate in small, local groups. While their methods of fraud are relatively unsophisticated, they still make a good living.
More dangerous are what the study calls next-level cybercriminals. This group is generally older, doesn't show off their wealth, and operates in a more sophisticated way. It concentrates on BEC fraud and also harvests financial details to scam funds from victims with fake tax returns.
Next-level cybercriminals are highly professional, running money-laundering operations, a network of money mules, and working closely with relatives in the target countries to smooth out the scamming process. It's this group that has been raking in the billions.
Interpol reports some limited success in shutting down these groups, but says that for all the tips they pass on to local police, only about 30 per cent end up in an arrest. As ever with online crime, finding the physical location of the criminals is a major issue. ®