Jun 5, 2019

A look inside a Nigerian email scam group active since 2008

Joe Uchill

Cybersecurity company Agari detailed a newly discovered Nigerian email scam team, dubbed "Scattered Canary," composed of dozens of members, in a new report released Wednesday.

Why it matters: Unlike with criminal hackers and espionage groups, there is not as much research into the taxonomy of actors in email fraud, but since it can siphon off as much as $2 billion each year, it's a threat worth understanding.

The big picture: Agari won't publicly discuss its methods for gaining intelligence on Scattered Canary. But given methods they've used to detail similar groups in the past, which were only shared with Axios under the condition that they not be included in stories, they have extensive visibility on how a group operates, who is involved and their criminal history.

  • "We have a 10-year look on how this developed from a single individual into a group that comprises at least 35 people that we know of," Crane Hassold, senior director of threat research at Agari, told Axios.

Background: Scattered Canary started as a small-time operation in 2008 — a single actor dubbed "Alpha" running Craigslist scams with the help of a more seasoned mentor, dubbed "Omega." The tandem committed 419 total Craigslist scams, averaging $24,000 in profits.

  • Alpha is currently engaged and has three kids. In 2010, he began running romance scams, extorting money from victims and using them to do menial tasks in other scams, such as opening bank accounts.
  • In 2015, Alpha started scamming corporations and began hiring additional employees.

Details: Like other groups, Scattered Canary uses commercial lead generation services to compile lists of potential victims.

  • Since 2017, the group has perpetuated several fraudulent attacks on the U.S. government, including filing 13 tax returns and 11 Social Security benefit applications. It's also filed applications for Texas unemployment benefits under 9 identities and applications for FEMA disaster assistance under 3 identities.
  • Agari lists several email accounts associated with the group in its report.

The bottom line: Conventional hackers may get most of the attention, but email fraud is a thriving industry with a higher return on investment.

  • Hassold says, "I'm worried about what happens when the Eastern European, Russian and Southeast Asian groups realize, 'Why are we spending so much money on infrastructure and paying developers to develop malware when we could just send an email to someone, ask them to send us money and they'll do it?'" 

Go deeper: Email scammers take advantage of Gmail dot feature

Go deeper

Marisa Fernandez

New York's coronavirus death toll hits record high for third straight day

799 people died from coronavirus in New York over the past 24 hours, a record high for the third straight day that brings the state's total death toll to 7,067.

Why it matters: Gov. Andrew Cuomo said at a press conference that social distancing is helping "flatten the curve" of coronavirus hospitalizations, and that deaths are a lagging indicator. Still, he called the death figures "shocking and painful," noting that the virus has killed more than double the number of people who died in New York on 9/11.

Go deeperArrow6 mins ago - Health
Axios

Coronavirus dashboard

Illustration: Aïda Amer/Axios

  1. Global: Total confirmed cases as of 11:30 a.m. ET: 1,503,900 — Total deaths: 89,931 — Total recoveries: 340,112Map.
  2. U.S.: Total confirmed cases as of 11:30 a.m. ET: 432,579 — Total deaths: 14,830 — Total recoveries: 24,213Map.
  3. Business: The Fed will lend up to $2.3 trillion — Another 6.6 million jobless claims were filed last week.
  4. Public health latest: Dr. Anthony Fauci said social distancing could reduce the U.S. death toll to 60,000.
  5. Travel update: TSA screened fewer than 100,000 people at airports in the U.S. on both Tuesday and Wednesday, compared to 2.2 million passengers on an average weekday a year ago.
  6. ☎️ Communication shift: Daily phone calls in the coronavirus era are outpacing Mother's Day.
  7. What should I do? Pets, moving and personal healthAnswers about the virus from Axios expertsWhat to know about social distancingQ&A: Minimizing your coronavirus risk.
  8. Other resources: CDC on how to avoid the virus, what to do if you get it.

Subscribe to Mike Allen's Axios AM to follow our coronavirus coverage each morning from your inbox.

Keep ReadingArrowUpdated 47 mins ago - Politics & Policy
Courtenay Brown

Fed will lend up to $2.3 trillion amid coronavirus crisis

Fed Chairman Jerome Powell at a press conference in March. Photo: Eric Baradat/AFP via Getty Images

The Federal Reserve announced Thursday that it will support the coronavirus-hit economy with up to $2.3 trillion in loans to businesses, state and city governments — made possible in part by Treasury funds set aside in the government stimulus package.

Why it matters: The Fed has taken more action amid the coronavirus outbreak than it has in any other financial crisis in U.S. history in an effort to blunt the effects of the resulting economic shutdown.

DetailsArrowUpdated 2 hours ago - Economy & Business