Cybercrime Group Steals $1.3M from Banks

A look at how the so-called Florentine Banker Group lurked for two months in a sophisticated business email compromise attack on Israeli and UK financial companies.

A cybercriminal group dubbed the Florentine Banker Group launched advanced business email compromise (BEC) attacks on leading Israeli and UK financial firms, stealing $1.3 million in just four separate transactions.


Unlike a basic BEC where an attacker sends one or two emails posing as an executive in the victim organization, the Florentine Banker Group stole email credentials and lurked for two months before diverting important wire transfers worth millions of dollars, a new report by Check Point Research shows.


According to Check Point, only $600,000 was recovered, through emergency intervention immediately after the attack.


"People need to understand that these attacks happen fast," says Lotem Finkelstein, Check Point's threat intelligence group manager. "In most instances, once the wire transfers are made, they are lost for good; our clients were lucky to even get half of their money back." 


Finkelstein says Check Point had been watching the activities of the Florentine Banker Group for at least six months before his firm started working with the victims last December. The targeted companies are three large UK and Israeli financial sector firms that transfer large sums (in the millions of dollars) every week to new partners and third-party providers.


The Scam


Here's how the attackers pulled it off: Over several weeks, they sent phishing emails targeting two top officials, only occasionally adding new people to the list of targets, until they finally gained access to the victim's email account.


Once the attackers gained control of a victim's email account, they were able to read through their emails to understand the di ..
