Using commercially available data as leads, email scammers are delivering semi-customized attacks on companies of all sizes, according to a new report from cybersecurity firm Agari.
Agari's detailed report on the U.K./Nigerian gang London Blue details how the organization is conducting business email compromise attacks against companies around the world.
Business email compromise is an advanced email attack that leverages the most common form of identity deception—display name deception.
They most frequently target finance teams making fraudulent payment requests.
The information hackers are using is readily available from commercial data brokers, and includes name, address, job title, and more.
This information is most often used by marketers for sales leads.
The attack emails typically contain no malware, thus rendering them invisible to many of the most common email security measures.
According to the report, 71% of the targets it had identified held chief financial officer roles.
The FBI Internet Crime Complaint Center says business email compromise schemes have cost companies and individuals $12 billion.
Previous Agari research found that this particular scheme is the most effective email scam producing 3.97 victims for every 100 initial email responses.
More than half of the 50,000 potential victim profiles that London Blue compiled in their targeting database were located in the United States.
Other countries commonly targeted included Spain, the United Kingdom, Finland, the Netherlands and Mexico.