Read how ‘yahoo boys’ got themselves into big trouble with EFCC

– Fraudsters, who have stolen between $30,000 and $60,000 this year have unknowingly disclosed their secrets to the EFCC

– The group made up of about 30 members indulge in email scams which steals money from unsuspecting people

– The EFCC has already kicked off an active investigation into the activities of the group which also trains recruit into the trade

A group of Nigerian email scammers numbering about 30 have had their covers blown open by a virus they mistakenly downloaded as they went about their criminal business.

A report by IEEE Spectrum on Tuesday, August 9, read: “A group of Nigerian online scammers accidentally revealed their identities and work to the public after infecting themselves with malware.”

READ ALSO: Nigeria in danger! Army uncovers next targets of Boko Haram

The report said the scammers, who raked in about $3million dollars a year from the trade, were using a new kind of attack called ‘wire-wire’ that enabled them to rake in large amounts of money from businesses around the world.

Security experts from a technology firm called SecureWorks, Joe Stewart and James Bettke discovered what had happened when they came across a keylogger malware online, which was sending unsecured data to an open web server.

Stewart and Bettke made the discovery back in February when five of the scammers infected their own computers using the same malware they use to steal from other businesses.

READ ALSO: Fast all in one — UC Browser

The malware continuously uploaded screenshots and keystrokes from the infected computers to an open web database, which was found by using a virus scanning tool to search for malicious email attachments. There were even instances where scammers were training new recruits, which led to the leakage of more information on how their scamming techniques work.

According to SecureWorks, the most popular fraud in Africa involves criminals using internal corporate email accounts to execute fraudulent transactions. But these ‘yahoo boys’ used the Wire-wire, which brings a more sophisticated method to the typical approach, and is harder to detect.

In this method, the cybercriminals use a marketing tool to gather the email addresses of businesses then blast malicious emails to the collected addresses, which contain keylogging malware or malicious links. If the victim opens these, they will be prompted to enter their password, which in turn will be acquired by the criminals.

“Once they gain access to the email accounts, they will discreetly hunt down potential financial transactions by the owner without their knowledge. When they notice that the owner is sending an invoice to a customer, they will reroute this transaction using their own email account, and then alter the account and routing number before forwarding it, thus creating a man-in-the-middle attack. During this, the scammers are using a similar-looking email account from the original, which is the usual ploy in phishing. Once this is all done, the buyer will inadvertently wire money to the criminal, and not the seller,” Neowin reports IEEE Spectrum.

The security experts say that the scammers have reportedly raked in $30,000 to $60,000 from small to medium-sized businesses per transaction since February and number at least 30 members in all.

The SecureWorks team has already informed the Economic and Financial Crimes Commission (EFCC), which is now conducting an active investigation.

NAIJ.com recalls that just recently the ring leader of a group of yahoo boys was arrested in Rivers state during a joint operation between the EFCC and Interpol.

The post Read how ‘yahoo boys’ got themselves into big trouble with EFCC appeared first on Nigeria News today & Breaking news | Read Naij.com 24/7.

loading...