IBM X-Force IRIS Uncovers Active Business Email Compromise Campaign Targeting Fortune 500 Companies
According to IBM Security in a recent report, “IBM X-Force Incident Response and Intelligence Services (IRIS) assesses that threat groups of likely Nigerian origin are engaged in a widespread credential harvesting, phishing and social engineering campaign designed to steal financial assets. Beginning in the fall of 2017, X-Force IRIS experienced a significant increase in clients reporting instances of fraud or attempted fraud via wire transfer payments. These threat groups successfully used business email compromise (BEC) scams to convince accounts payable personnel at some Fortune 500 companies to initiate fraudulent wire transfers into attacker-controlled accounts, resulting in the theft of millions of dollars.”