Categories: SecurityWorkspace

‘London Blue’ Fraud Group Targets Financial Services Industry

A hacking group called “London Blue” has gathered a list of some 35,000 chief financial officers,  some of whom work for the world’s largest financial services firms, as part of an aggressive string of “business email compromise” (BEC) attack campaigns.

The scam, which involves rushing a chief financial officer into making a large transfer to an unknown account, has cost more than 78,000 companies more than $12 billion (£9bn) over the past three years, the FBI said in July.

The “London Blue” group, based in Nigeria and the UK, with supporters in other countries, is one of the largest best-organised known to date, according to security firm Agari.

Agari determined that the group had compiled a list of a total of 50,000 targets, with 71 percent being chief financial officers and the rest senior members of finance teams, including finance directors, controllers and members of accounting.

Financial services targeted

Most targets are in the US, with the UK, Spain, Finland and Egypt amongst the other countries targeted.

The group is mainly targeting mortgage companies in order to steal real estate purchase funds or lease payments, but the target list also includes executives at the world’s largest banks.

The attacks involved use social engineering techniques and as such tend to slip past technical countermeasures, Agari said.

The group has taken the basic techniques of targeted scams, known as spear phishing attacks, relying on detailed knowledge about a target’s relationships to send a fraudulent email, and “turned it into massive BEC campaigns”, Agari said in a report.

The study was launched to coincide with Black Hat Europe, taking place in London this week.

“Each attack email requesting a money transfer is customised to appear to be an order from a senior executive of the company,” the report said.

It found that London Blue has greatly reduced the amount of time-consuming research that normally goes into a targeted scam by using commercial lead-generation services and gather the necessary data for thousands of targets at a time.

Corporate structure

Such commercial firms supply data such as names, company, titles, work email and personal email addresses.

The group is well-organised in other ways as well, operating like a modern corporation, with specialised staff for business intelligence, financial operations, human resources, sales management, email marketing and sales.

Members first generate leads for potential targets before carrying out reconnaissance to gather additional information such as email addresses or names.

Agari first encountered London Blue when the group targeted Agari’s own chief financial officer, in a scam email supposedly sent by the company’s chief executive.

The group has 17 possible collaborators in Western Europe and the US, Agari found.

Its techniques give it “the attack volume of a mass spam campaign, but with the target-specific customisation of spear-phishing attacks”.

After financial services, the group targeted the construction, real estate and healthcare industries.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Is the Digital Transformation of Businesses Complete?

Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…

18 hours ago

Craig Wright Faces Contempt Claim Over Bitcoin Lawsuit

Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…

19 hours ago

OpenAI Adds ChatGPT Search Features

OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…

19 hours ago

Google Maps Steers Into Local Information With AI Chat

New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…

20 hours ago

Huawei Sees Sales Surge, But Profits Fall

US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity,…

20 hours ago

Apple Posts China Sales Decline, Ramping Pressure On AI Strategy

Apple posts slight decline in China sales for fourth quarter, as Tim Cook negotiates to…

21 hours ago