On January 19th, INTERPOL announced the arrest by Nigerian Police Force (NPF) of 11 alleged members of a prolific cybercrime group known as Silver Terrier. The NPF Cybercrime Police Unit worked with INTERPOL and used information provided by private cybersecurity firms Unit 42 and Group-IB, along with investigative work shared by other police agencies across the globe, to identify the key members of the criminal group that is allegedly responsible for Business Email Compromise (BEC) scams that affected over 50,000 victims.
The criminal operation targeted business email accounts through phishing or credential stuffing to obtain passwords and read private email, then the criminal actors watched inboxes carefully to spot email messages with wire transfer or other payment instructions, modifying the receiving account in the email to trick business financial professionals into transferring the money to a different bank account under the control of a “money-mule” associated with the criminal gang. BEC may be considered by some as a low-technology crime that relies more on social engineering than computer hacking, yet it remains one of the most prevalent and costly scams to affect businesses world-wide.