Navigation Links
Businesses the New Target for Nigeria’s 419 Cyber-Scammers

New York, NY (PRWEB) July 26, 2014

As reported in this article published by Infosecurity magazine on July 23rd, new research by Palo Alto Networks shows that Nigeria’s infamous 419 scammers are starting to rewrite their playbook, now focusing more on businesses and their digital treasures instead of targeting individuals en masse who have become increasingly wise to their tactics over the years. Global Digital Forensics (GDF) founder and CEO/CTO, Joe Caruso, talks about the evolution of 419 scams and what organizations can do to help protect themselves from the onslaught.

As technology has evolved, so too have 419 scammers.

419 scams got their name from the article of the Nigerian Criminal Code dealing with fraud, in particular, confidence jobs which con targets with the promise of a large sum of money which will require some sort of fee up front in order to be released, and they’ve been at it for decades. Years ago, actual phone calls, letters in the mail and faxes where their chosen attack vectors, but when the Internet finally became the preferred mode of communication, 419 scammers quickly adjusted and saw their ill-gotten gains multiply like never before, thanks to the global audience now at their fingertips who were largely inexperienced in recognizing the social engineering tricks these scammers spent years refining. Post offices, phone calls and faxes originally used had substantial up-front costs for these 419 scammers, but email, and now social networking sites, are free, making the overhead to reach millions of potential victims virtually nil.

Coming to an inbox near you.

As Caruso points out, “Anybody with an inbox has most likely seen 419 scam attempts many times. All those lotteries you seem to have won, all those super-wealthy long-lost relatives you never knew you had leaving you a substantial inheritance, strangers that seem to have decided you are such a good person they chose you to carry out their dying altruistic wishes, and when current events dictate, even those pleas from warzones or disaster areas asking for help to transfer funds out of the country, which of course you will be handsomely rewarded for doing, are all old favorites which are still used every day. Unfortunately, those who can least afford to be stung are the ones who typically do get caught in the web, like elderly folks on a fixed income, the unemployed and desperate, and poorer developing countries who are just plugging into the online world and have never seen their tactics before. Everybody gets tempted the first time they see the notification of their lottery winnings, but these days most know it’s all bull and move on. That’s most likely the reason 419 scammers are starting to change their crime model, moving from individuals to businesses and looking for valuable data to steal right off a business system or network instead of playing the effort-intensive long cons they’ve relied on for so long. Now all they have to do is get one person in an organization to open an email attachment or follow a link which will install a RAT (Remote Access Trojan), and they will have the access they want and often free reign over all the organization’s sensitive data and digital assets to steal funds directly, sell it off for real cash on underground black market sites, or even use what they find for blackmail or extortion if the opportunity presents itself. After all, how much would an organization be willing to pay to avoid having their IP (Intellectual Property) and other trade secrets from landing in a competitor’s hands and driving them out of business altogether. But there are key things organizations can do to substantially reduce the chance of becoming their next victim, and it all has to do with awareness and testing.”

To defend against 419 scammers, regular testing and raising awareness enterprise-wide are crucial.

“The essence of a 419 scam is not advanced malware or technological savvy, it’s all about preying on the weakest link in any cyber security chain, the human element,” says Caruso. “If a 419 scammer can successfully set a hook in just one individual in an organization by playing on their curiosity, ego, desperation, or even pure greed, that’s all it takes for an attacker to basically assume the victim’s role as an insider of the organization, with all their access and privileges to move about the network freely. That means after the malicious attachment has been opened, or the link followed to a malicious site is clicked, which downloads and installs the attackers RAT malware on their system and/or network, attackers can move sideways within the network without being detected, essentially allowing them to pick and choose what data, from confidential company information to full credentials, they can best leverage for profit. So clearly it’s paramount to stop that initial breach from occurring, and if it already has, to find the malware and eradicate it as quickly as possible. That’s why we put such a strong focus on social engineering during our professional vulnerability assessments and penetration testing (pen-testing). We will not only run deep scans on the entire network to weed out rootkits and other nasty malware that standard signature-based antivirus and anti-malware simply cannot detect, we’ll also assume the role of real-world attackers and use the social engineering ploys they use. We’ll create realistic looking fake websites to entice users to divulge their credentials, we’ll launch well crafted phishing and spear phishing campaigns, and even make phone calls, all with the express purpose of gaining that trusted access which attackers covet, without all the nasty consequences that come with a real attack. And after all is said and done, we’ll not only have existing dangers like malware eradicated, but we’ll also be able to use our successes from the pen-testing phase to drive home what needs to be covered and improved from an awareness perspective. Nothing has a teaching impact like catching users red-handed, and to date, we’ve never failed to infiltrate a network we set out to. From there we can offer customized security solutions and even arrange in-house training to raise that vital awareness across the board by using the lessons from our testing as a springboard to a stronger overall cyber security posture for any organization.”

Don’t become the next victim, expert help is only a phone call away

*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a cost-effective plan which will meet your unique needs, without wasting resources on solutions you simply don’t need. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit

Read the full story at

Source: PRWeb
Copyright©2014 Vocus, Inc.
All rights reserved

Related medicine news :

1. B2B e Trader is Addressing the Critical Needs of Local Businesses by Lauching the New Shop Small Business Directory
2. Google Rolls Out Another Panda Algorithm Update – Small Businesses Plan for the Future of SEO
3. Boost in earnings from businesses
4. NSF reports on R&D spending by businesses in the United States
5. SOLCO Energy’s New Corporate Solar Lens Purchase Program is Helping Businesses Soar High Above the Fiscal Tax Cliff
6. OutSkirts Press Publishes New Relationship Guide to Help People, Businesses, & Organizations Stretch Their Relationship Capital
7. Launches Largest Natural Health Database Connecting Local Businesses with Local Consumers
8. Easy-to-use Check Writer from Saves Small Businesses Time and Money in Year 2013
9. Anahata Technologies to Offer Custom Software Solution Development Services for Small and Medium Businesses in 2013
10. Havana Street Businesses “Sweep” Supermarket to Benefit Comitis Crisis Center
11. Businesses Should Plan for Flu Disruptions, Doctor Says
Post Your Comments:
(Date:6/25/2016)... , ... June 25, 2016 , ... Conventional wisdom preaches ... success. In terms of the latter, setting the bar too high can result in ... than just slow progress toward their goal. , Research from ...
(Date:6/24/2016)... ... , ... Those who have experienced traumatic events may suffer from a complex ... as drug or alcohol abuse, as a coping mechanism. To avoid this pain and ... a traumatic event. , Trauma sufferers tend to feel a range of emotions, from ...
(Date:6/24/2016)... ... ... was in a crisis. Her son James, eight, was out of control. Prone to extreme ... “When something upset him, he couldn’t control his emotions,” remembers Marcy. “If there was ... other children and say he was going to kill them. If we were driving ...
(Date:6/24/2016)... (PRWEB) , ... June 24, 2016 , ... Global law ... magazine’s 2016 Legal Elite. The attorneys chosen by their peers for this recognition are ... , Seven Greenberg Traurig Shareholders received special honors as members of this year’s Legal ...
(Date:6/24/2016)... (PRWEB) , ... June 24, 2016 , ... Comfort Keepers® ... American Cancer Society and the Road To Recovery® program to drive cancer patients to ... and other adults to ensure the highest quality of life and ongoing independence. ...
Breaking Medicine News(10 mins):
(Date:6/23/2016)... WAYNE, Pa. , June 23, 2016 ... provider, will launch its next generation clinical outcomes platform, Bracket ... DIA Meeting held on June 26 – 30, 2016 in ... 6.0, the first electronic Clinical Outcome Assessment product of its ... DIA Booth #715. Bracket eCOA 6.0 is a ...
(Date:6/23/2016)... Ill. and INDIANAPOLIS , ... students receiving a Lilly Diabetes Tomorrow,s Leaders Scholarship is ... 2016 scholarship winners, announced today online at ... let type 1 diabetes stand in the way of ... has supported the Foundation,s scholarship program since 2012, and ...
(Date:6/23/2016)... June 23, 2016 Revolutionary technology ... Oticon , industry leaders in advanced audiology and ... Oticon Opn ™, the world,s first internet connected ... for IoT devices.      (Photo: ... a number of ,world firsts,: , TwinLink™ ...
Breaking Medicine Technology: