Former Nigerian 419 scammers are turning to more sophisticated and bigger-paying jobs that start with compromising the email accounts of staff responsible for selling, and then waiting for a juicy request for a quote.
According to Dell SecureWorks, these new-generation Nigerian scammers are known as 'waya-waya' or wire-wire, and conduct wire fraud by compromising a supplier's email.
The FBI warned earlier this year that businesses have been exposed to an estimated $3.1bn in potential losses due to so-called business email compromise (BEC) since 2013. These crimes usually take the form of an attacker spoofing the email account of a CEO and then ordering a subordinate to transfer funds to a supposed supplier's account.
However, SecureWorks' says its probe into one Nigerian operation uncovered a far more "devious" attack than spoofing the boss's email account. The attackers instead are compromising a seller's email account to place themselves between the buyer and seller during a transaction.