Threat Watch

London Blue Targeting CFOs with Sophisticated Phishing Attacks

A group of Nigerian hackers calling themselves London Blue have been found to be targeting a large number of executives around the world, primarily CFOs, in an attempt to trick them out of company funds.  The group will send a spoofed email which appears to be from the company’s CEO to the CFO, asking them to release funds for one reason or another. While the group is based out of Nigeria, they have at least 17 other members in countries around the world, including the United States, the United Kingdom, and Western Europe.  It is believed that the members outside of Nigeria primarily assist in moving funds around for the group in order to help them keep their money safe.  An investigation into the group revealed a list of potential targets of more than 50,000 finance executives, 71% of which were CFO’s.  Many attackers become very aggressive at the beginning of each year with similar attacks on corporations in an effort to steal tax data for employees so that they can file fraudulent returns.

ANALYST NOTES

It is likely that London Blue will be no different.