11 BEC Gang Members Arrested By Interpol

Share post:

Interpol, in partnership with the Nigerian police, has arrested 11 personalities allegedly involved in an international business email compromise (BEC) ring. 

BEC refers to an attack done via email involving the spear-phishing of company employees responsible for approving payments to contractors and suppliers.

By impersonating a coworker, a supervisor, or a client/supplier, BEC actors are able to divert payments to their bank accounts, therefore stealing them from the business being targeted.

The Interpol operation, codenamed ‘Falcon II,’ happened between December 12 and 22 of last year.  Leads provided by cyber-intelligence firms Group-IB and Palo Alto Networks’ Unit 42 were followed by the police, leading to the arrest of suspects in Lagos and Asaba.

Based on the available evidence, the Interpol is convinced that some of the arrested persons are members of  the BEC gang known as SilverTerrier (aka TMT).

This is the second arrest of members of the notorious gang after the Interpol arrested many of them during the so-called ‘Falcon I” operations last year. 

According to a report by Palo Alto Unit 42, most of the arrested persons have had a long involvement in or prior convictions for BEC scams.

BEC scammers are unable to steal funds using untraceable cryptocurrencies. Hence, the only way for them to hide is by moving funds around to obscure the money trail.

Despite this, the international collaboration and global exchange between law enforcement and intelligence agencies have made the world of BEC scammers much smaller.

To be able to fight off potential BEC attacks, multi-factor authentication along with choosing a strong and unique password are highly recommended practices. 

Organizations should also protect their domain from spoofing by registering potential domain typo-squatting candidates and telling their workers not to over-share business information especially online.

For more information, read the original story in Bleeping Computer.



Related articles

Cyber Security Today, March 22, 2023 – ChatGPT4 is out, poorly-protected Linux servers are exploited, and more

ChatGPT4 is out, poorly-protected Linux servers are exploited, and more. Welcome to Cyber Security Today. It’s Wednesday, March 22nd, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for and in the U.S. The new version of ChatGPT has been released. But if you were hoping that version 4 has made this tool safer

Only 9 per cent of Canadian firms are cyber mature: Cisco report

Only 15 per cent of companies around the world would have a mature cyber readiness, according to survey

Ferrari notifies customers of ransom demand

Exclusive car maker says some client contact information exposed in cy

Government backs down on document demand from Google, Facebook

Change meets criticism that demand for external communications is an invasion

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways