Navigation Links
Businesses the New Target for Nigeria’s 419 Cyber-Scammers

New York, NY (PRWEB) July 26, 2014

As reported in this article published by Infosecurity magazine on July 23rd, new research by Palo Alto Networks shows that Nigeria’s infamous 419 scammers are starting to rewrite their playbook, now focusing more on businesses and their digital treasures instead of targeting individuals en masse who have become increasingly wise to their tactics over the years. Global Digital Forensics (GDF) founder and CEO/CTO, Joe Caruso, talks about the evolution of 419 scams and what organizations can do to help protect themselves from the onslaught.

As technology has evolved, so too have 419 scammers.

419 scams got their name from the article of the Nigerian Criminal Code dealing with fraud, in particular, confidence jobs which con targets with the promise of a large sum of money which will require some sort of fee up front in order to be released, and they’ve been at it for decades. Years ago, actual phone calls, letters in the mail and faxes where their chosen attack vectors, but when the Internet finally became the preferred mode of communication, 419 scammers quickly adjusted and saw their ill-gotten gains multiply like never before, thanks to the global audience now at their fingertips who were largely inexperienced in recognizing the social engineering tricks these scammers spent years refining. Post offices, phone calls and faxes originally used had substantial up-front costs for these 419 scammers, but email, and now social networking sites, are free, making the overhead to reach millions of potential victims virtually nil.

Coming to an inbox near you.

As Caruso points out, “Anybody with an inbox has most likely seen 419 scam attempts many times. All those lotteries you seem to have won, all those super-wealthy long-lost relatives you never knew you had leaving you a substantial inheritance, strangers that seem to have decided you are such a good person they chose you to carry out their dying altruistic wishes, and when current events dictate, even those pleas from warzones or disaster areas asking for help to transfer funds out of the country, which of course you will be handsomely rewarded for doing, are all old favorites which are still used every day. Unfortunately, those who can least afford to be stung are the ones who typically do get caught in the web, like elderly folks on a fixed income, the unemployed and desperate, and poorer developing countries who are just plugging into the online world and have never seen their tactics before. Everybody gets tempted the first time they see the notification of their lottery winnings, but these days most know it’s all bull and move on. That’s most likely the reason 419 scammers are starting to change their crime model, moving from individuals to businesses and looking for valuable data to steal right off a business system or network instead of playing the effort-intensive long cons they’ve relied on for so long. Now all they have to do is get one person in an organization to open an email attachment or follow a link which will install a RAT (Remote Access Trojan), and they will have the access they want and often free reign over all the organization’s sensitive data and digital assets to steal funds directly, sell it off for real cash on underground black market sites, or even use what they find for blackmail or extortion if the opportunity presents itself. After all, how much would an organization be willing to pay to avoid having their IP (Intellectual Property) and other trade secrets from landing in a competitor’s hands and driving them out of business altogether. But there are key things organizations can do to substantially reduce the chance of becoming their next victim, and it all has to do with awareness and testing.”

To defend against 419 scammers, regular testing and raising awareness enterprise-wide are crucial.

“The essence of a 419 scam is not advanced malware or technological savvy, it’s all about preying on the weakest link in any cyber security chain, the human element,” says Caruso. “If a 419 scammer can successfully set a hook in just one individual in an organization by playing on their curiosity, ego, desperation, or even pure greed, that’s all it takes for an attacker to basically assume the victim’s role as an insider of the organization, with all their access and privileges to move about the network freely. That means after the malicious attachment has been opened, or the link followed to a malicious site is clicked, which downloads and installs the attackers RAT malware on their system and/or network, attackers can move sideways within the network without being detected, essentially allowing them to pick and choose what data, from confidential company information to full credentials, they can best leverage for profit. So clearly it’s paramount to stop that initial breach from occurring, and if it already has, to find the malware and eradicate it as quickly as possible. That’s why we put such a strong focus on social engineering during our professional vulnerability assessments and penetration testing (pen-testing). We will not only run deep scans on the entire network to weed out rootkits and other nasty malware that standard signature-based antivirus and anti-malware simply cannot detect, we’ll also assume the role of real-world attackers and use the social engineering ploys they use. We’ll create realistic looking fake websites to entice users to divulge their credentials, we’ll launch well crafted phishing and spear phishing campaigns, and even make phone calls, all with the express purpose of gaining that trusted access which attackers covet, without all the nasty consequences that come with a real attack. And after all is said and done, we’ll not only have existing dangers like malware eradicated, but we’ll also be able to use our successes from the pen-testing phase to drive home what needs to be covered and improved from an awareness perspective. Nothing has a teaching impact like catching users red-handed, and to date, we’ve never failed to infiltrate a network we set out to. From there we can offer customized security solutions and even arrange in-house training to raise that vital awareness across the board by using the lessons from our testing as a springboard to a stronger overall cyber security posture for any organization.”

Don’t become the next victim, expert help is only a phone call away

*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a cost-effective plan which will meet your unique needs, without wasting resources on solutions you simply don’t need. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit

Read the full story at

Source: PRWeb
Copyright©2014 Vocus, Inc.
All rights reserved

Related medicine news :

1. B2B e Trader is Addressing the Critical Needs of Local Businesses by Lauching the New Shop Small Business Directory
2. Google Rolls Out Another Panda Algorithm Update – Small Businesses Plan for the Future of SEO
3. Boost in earnings from businesses
4. NSF reports on R&D spending by businesses in the United States
5. SOLCO Energy’s New Corporate Solar Lens Purchase Program is Helping Businesses Soar High Above the Fiscal Tax Cliff
6. OutSkirts Press Publishes New Relationship Guide to Help People, Businesses, & Organizations Stretch Their Relationship Capital
7. Launches Largest Natural Health Database Connecting Local Businesses with Local Consumers
8. Easy-to-use Check Writer from Saves Small Businesses Time and Money in Year 2013
9. Anahata Technologies to Offer Custom Software Solution Development Services for Small and Medium Businesses in 2013
10. Havana Street Businesses “Sweep” Supermarket to Benefit Comitis Crisis Center
11. Businesses Should Plan for Flu Disruptions, Doctor Says
Post Your Comments:
(Date:10/12/2017)... ... October 12, 2017 , ... First Healthcare Compliance ... management, will showcase a range of technology and learning solutions at the 68th ... and Expo to be held October 14–18, 2017 at the Mandalay Bay Resort ...
(Date:10/12/2017)... , ... October 12, 2017 , ... IsoComforter, Inc. ( ... announced today the introduction of an innovative new design of the shoulder pad. ... you get maximum comfort while controlling your pain while using cold therapy. By utilizing ...
(Date:10/12/2017)... ... 12, 2017 , ... Dr. Parsa Mohebi, the Los Angeles ... to the newly revamped Cosmetic Town journal section, featuring articles written ... known as Follicular Unit Extraction (FUE). , Dr. Mohebi says “I ...
(Date:10/12/2017)... (PRWEB) , ... October 12, 2017 , ... ... been named one of Michigan’s 2017 Best and Brightest in Wellness® by Best ... in Wellness® awards program on Friday, Oct. 20 from 7:30 a.m. to 2 ...
(Date:10/12/2017)... D.C. (PRWEB) , ... October 12, 2017 , ... ... Cal Dining at the University of California Berkeley, and other leading institutions in ... the buying power of institutions to change the way animals are raised for ...
Breaking Medicine News(10 mins):
(Date:9/19/2017)... -- HistoSonics, Inc., a venture-backed medical device company developing a non-invasive, robotically assisted, platform therapy ... team developments today:   ... ... Tom Tefft ... Veteran medical device executive Josh Stopek , PhD, who has led R&D ...
(Date:9/18/2017)... , Sept. 18, 2017  PMD Healthcare of ... Pharmacy of Kalamazoo, Mich. , have ... service that expedites and streamlines patient and provider access ... 2.0, and wellness management services.  ... used to measure lung function for a variety of ...
(Date:9/13/2017)... ATLANTA , Sept. 13, 2017   OrthoAtlanta ... to the Atlanta Football Host Committee (AFHC) for the 2018 ... Monday, Jan. 8, 2018, at Mercedes-Benz Stadium in ... part of the AFHC "I,m In" campaign, participating in many ... ...
Breaking Medicine Technology: