Jun 5, 2019

A look inside a Nigerian email scam group active since 2008

Cybersecurity company Agari detailed a newly discovered Nigerian email scam team, dubbed "Scattered Canary," composed of dozens of members, in a new report released Wednesday.

Why it matters: Unlike with criminal hackers and espionage groups, there is not as much research into the taxonomy of actors in email fraud, but since it can siphon off as much as $2 billion each year, it's a threat worth understanding.

The big picture: Agari won't publicly discuss its methods for gaining intelligence on Scattered Canary. But given methods they've used to detail similar groups in the past, which were only shared with Axios under the condition that they not be included in stories, they have extensive visibility on how a group operates, who is involved and their criminal history.

  • "We have a 10-year look on how this developed from a single individual into a group that comprises at least 35 people that we know of," Crane Hassold, senior director of threat research at Agari, told Axios.

Background: Scattered Canary started as a small-time operation in 2008 — a single actor dubbed "Alpha" running Craigslist scams with the help of a more seasoned mentor, dubbed "Omega." The tandem committed 419 total Craigslist scams, averaging $24,000 in profits.

  • Alpha is currently engaged and has three kids. In 2010, he began running romance scams, extorting money from victims and using them to do menial tasks in other scams, such as opening bank accounts.
  • In 2015, Alpha started scamming corporations and began hiring additional employees.

Details: Like other groups, Scattered Canary uses commercial lead generation services to compile lists of potential victims.

  • Since 2017, the group has perpetuated several fraudulent attacks on the U.S. government, including filing 13 tax returns and 11 Social Security benefit applications. It's also filed applications for Texas unemployment benefits under 9 identities and applications for FEMA disaster assistance under 3 identities.
  • Agari lists several email accounts associated with the group in its report.

The bottom line: Conventional hackers may get most of the attention, but email fraud is a thriving industry with a higher return on investment.

  • Hassold says, "I'm worried about what happens when the Eastern European, Russian and Southeast Asian groups realize, 'Why are we spending so much money on infrastructure and paying developers to develop malware when we could just send an email to someone, ask them to send us money and they'll do it?'" 

Go deeper: Email scammers take advantage of Gmail dot feature

Go deeper

Jacob Knutson
5 hours ago - Politics & Policy

Trump commutes Roger Stone's sentence

Roger Stone arriving at his sentencing hearing on Feb. 20. Photo: Drew Angerer/Getty Images

President Trump on Friday evening commuted the sentence of his longtime associate Roger Stone, according to two senior administration officials. Stone in February was sentenced to 40 months in prison for crimes including obstruction, witness tampering and making false statements to Congress.

Why it matters: The controversial move brings an abrupt end to the possibility of Stone spending time behind bars. He had been scheduled to report to prison on July 14.

Go deeper (1 min. read)Arrow
Orion Rummler
Updated 6 hours ago - Health

Which states have set single-day coronavirus records this week

Data: COVID Tracking Project and state health department data compiled by Axios; Map: Danielle Alberti and Naema Ahmed/Axios

13 states this week surpassed records set just last week for their highest number of coronavirus infections in a single day, according to the COVID Tracking Project and state health department data. 16 states in total reported new highs.

The big picture: The United States' alarming rise in coronavirus cases isn't just due to increased testing — particularly where the number of cases has grown fastest over the last month, Axios' Andrew Witherspoon and Caitlin Owens report.

Go deeper (1 min. read)Arrow
Axios
Updated 6 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 6:30 p.m. ET: 12,389,660 — Total deaths: 557,279 — Total recoveries — 6,830,596Map.
  2. U.S.: Total confirmed cases as of 6:30 p.m. ET: 3,169,611 — Total deaths: 133,885 — Total recoveries: 983,185 — Total tested: 38,856,341Map.
  3. Public health: The reality of the coronavirus bites.
  4. Trade: Trump says he's no longer considering phase-two trade deal with China because the pandemic damaged the two countries' relationship.
  5. 🎧 Podcast: Rural America has its own coronavirus problem.
Go deeper (<1 min. read)Arrow