A criminal splinter faction of a Nigerian “confraternity” obsessed with pirate symbology has been running business email compromise (BEC) scams for hundreds of thousands of dollars against the global maritime industry, according to security researchers who have been tracing the “GOLD GALLEON” group and trying to derail its scams in real time.
Researchers from SecureWorks’ Counter Threat Unit (CTU) explained to Computerworld UK how they raced to prevent a legitimate client of a small South Korean shipping company from signing off on a fraudulent claim for $325,585, and how they had successfully mitigated $800,000 of the $3.9 million in attempted fraud by the group.
The attackers typically insert themselves in the middle of a legitimate business exchange using compromised email accounts, adding credibility to the attack, with the group in question even procuring a copy of a company’s official invoice letterhead – by impersonating a client and asking for it.