Among nearly two million targets in a $450 million Business Email Compromise (BEC) scamming operation are a Premier league football team, a U.S. lawyer and an international bank, SC Magazine reveals. The alleged scammer – Ramon Olorunwa Abbas – was arrested in Dubai.
The U.S. Department of Justice has issued the following statement in relation to the matter: “Abbas & others further conspired to launder 100s of millions of dollars from other fraudulent schemes & computer intrusions, including one scheme to steal £100 million from an English Premier League soccer club.”
Commenting on the issue for Digital Journal is Ed Macnair, CEO of Censornet. The expert says: “The case of an unnamed premier league club losing millions from a BEC scam shows that even the most common form of attacks pose an enormous risk to unsuspecting organisations.”
In terms of the impact of this form of cyber attack, Macnair states: “BEC is so effective because it exploits a human impulse, since the emails often look ‘real’. These scams take advantage of a very human desire to please a high ranking executive, so the victim may not be as security-vigilant as usual.”
Looking further into the nature of the attack, Macnair says: “Unfortunately, because these emails are so convincing, and targeted, the traditional pattern matching technologies usually used to catch spam are also useless against this technique.”
In terms of the lessons that businesses should take from the incident, Macnair recommends: ” In order to be able to spot them, organisations need to combine content analysis, threat intelligence and executive name checking to efficiently protect themselves.”