Crime
Scattered Canary: The Nigerian scam gang that evolved from one-man start-up to multi-faceted corporation with 35 employees
A Nigerian-based scammer gang dubbed “Scattered Canary” has evolved from a one-man, start-up operation to a multi-faceted, scalable, “corporation” with 35 “employees” targeting individuals, businesses, and government agencies.
The criminal gang was exposed in a new Threat Actor Dossier published Wednesday by Agari, the next-generation Secure Email Cloud that restores trust to the inbox.
Scattered Canary, for which Agari has traced fraudulent activity originating from 2008, has grown exponentially from a lone-wolf cybercriminal named “Alpha,” operating entry-level Craigslist scams to an entire organisation with at least 35 criminal actors working for it.
Each actor has his own area of expertise, ranging from recruiting money mules to providing infrastructure for the organisation. At any one-time, Alpha is orchestrating Scattered Canary’s operatives to simultaneously carry out business email compromise (BEC) scams and other fraudulent schemes, including romance scams, tax fraud, social security fraud, credit card fraud, and payroll diversion.
Similar to legitimate budding entrepreneurial companies, the Scattered Canary gang has sought to increase business operations by developing and validating scalable business models across a diverse set of revenue streams.
Initially detected after impersonating a Senior Executive at Agari to target its Chief Financial Officer, Scattered Canary’s victims include individuals, organisations and, in 2017, was expanded to include federal and state government agencies.
Utilizing a feature within Gmail accounts, which does not recognise periods in email addresses, the group created numerous ‘dot variant’ accounts that allowed the group to make their scams more efficient by removing the need to create and monitor different email accounts for every account they create on a targeted website.
As a result of this tactic, Scattered Canary was able to file 13 fraudulent tax returns with the IRS, submit applications for FEMA disaster assistance under three identities, submit 11 fraudulent Social Security benefit applications and gain approval for at least $65,000 in credit with four US-based financial institutions via 48 credit-card applications.
“BEC can no longer be viewed in isolation,” said Crane Hassold, senior director of threat research, Agari.
“If we are to take Scattered Canary as a microcosm for the organisations behind today’s most malicious scams, it demonstrates that a more holistic approach, one based on threat actor identity rather than type of fraudulent activity, is needed to detect email fraud and protect businesses. While Scattered Canary’s primary attack vector is BEC, at any given time, it is also involved in a dozen other types of disparate scams.”
The Agari Cyber Intelligence Division (ACID) is the only counterintelligence research team dedicated to worldwide business email compromise (BEC) and spear-phishing investigation. ACID uncovers identity deception tactics, criminal group dynamics, and trends in advanced email attacks, and helps mitigate cybercrime activity by working with law enforcement and other trusted partners.
In the Federal Bureau of Investigation’s (FBI) annual Internet Crime Report, it was revealed that losses from BEC scams nearly doubled to $1.3 billion in 2018.
*Download the dossier on Scattered Canary gang
*Press Statement by PRNewswire
-
News23 hours ago
Nollywood veteran Ogunjimi is dead
-
Metro20 hours ago
Three killed, two injured in Kano building collapse – NEMA
-
News21 hours ago
Army hails PawPaw for peace advocacy
-
Entertainment21 hours ago
Mohbad’s widow gets court summon for DNA test
-
News22 hours ago
Lagos shuts shops, church over noise pollution
-
Politics5 hours ago
Ibadan residents defy curfew amid LG polls
-
Sports7 hours ago
Ancelotti confirms Arda Guler’s stay at Real Madrid
-
Entertainment7 hours ago
Doris Simeon reveals struggle working odd jobs to survive in US