Get the latest market trends in your inbox

Stay on top of the latest market trends and economic insights with the Axios Markets newsletter. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa-St. Petersburg news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Cybersecurity company Agari detailed a newly discovered Nigerian email scam team, dubbed "Scattered Canary," composed of dozens of members, in a new report released Wednesday.

Why it matters: Unlike with criminal hackers and espionage groups, there is not as much research into the taxonomy of actors in email fraud, but since it can siphon off as much as $2 billion each year, it's a threat worth understanding.

The big picture: Agari won't publicly discuss its methods for gaining intelligence on Scattered Canary. But given methods they've used to detail similar groups in the past, which were only shared with Axios under the condition that they not be included in stories, they have extensive visibility on how a group operates, who is involved and their criminal history.

  • "We have a 10-year look on how this developed from a single individual into a group that comprises at least 35 people that we know of," Crane Hassold, senior director of threat research at Agari, told Axios.

Background: Scattered Canary started as a small-time operation in 2008 — a single actor dubbed "Alpha" running Craigslist scams with the help of a more seasoned mentor, dubbed "Omega." The tandem committed 419 total Craigslist scams, averaging $24,000 in profits.

  • Alpha is currently engaged and has three kids. In 2010, he began running romance scams, extorting money from victims and using them to do menial tasks in other scams, such as opening bank accounts.
  • In 2015, Alpha started scamming corporations and began hiring additional employees.

Details: Like other groups, Scattered Canary uses commercial lead generation services to compile lists of potential victims.

  • Since 2017, the group has perpetuated several fraudulent attacks on the U.S. government, including filing 13 tax returns and 11 Social Security benefit applications. It's also filed applications for Texas unemployment benefits under 9 identities and applications for FEMA disaster assistance under 3 identities.
  • Agari lists several email accounts associated with the group in its report.

The bottom line: Conventional hackers may get most of the attention, but email fraud is a thriving industry with a higher return on investment.

  • Hassold says, "I'm worried about what happens when the Eastern European, Russian and Southeast Asian groups realize, 'Why are we spending so much money on infrastructure and paying developers to develop malware when we could just send an email to someone, ask them to send us money and they'll do it?'" 

Go deeper: Email scammers take advantage of Gmail dot feature

Go deeper

Senate Armed Services chair dismisses Trump threat to veto defense bill

Sen. Jim Inhofe. Photo: Anna Moneymaker/Pool/AFP via Getty Images

Sen. Jim Inhofe (R-Okla.), chair of the Senate Armed Services Committee, told reporters Wednesday that he plans to move ahead with a crucial defense-spending bill without provisions that would eliminate tech industry protections, defying a veto threat from President Trump.

Why it matters: Inhofe's public rebuke signals that the Senate could have enough Republican backing to override a potential veto from Trump, who has demanded that the $740 billion National Defense Authorization Act repeal Section 230 of the Communications Decency Act.

Scoop: Uber in talks to sell air taxi business to Joby

Illustration: Sarah Grillo/Axios

Uber is in advanced talks to sell its Uber Elevate unit to Joby Aviation, Axios has learned from multiple sources. A deal could be announced later this month.

Between the lines: Uber Elevate was formed to develop a network of self-driving air taxis, but to date has been most notable for its annual conference devoted to the nascent industry.

Setting the Biden-era cybersecurity agenda

Illustration: Annelise Capossela/Axios

The Biden administration will face a wide array of cybersecurity challenges but can take meaningful action in at least five key areas, concludes a new report by the Aspen Cybersecurity Group.

Why it matters: Cybersecurity policy is a rare refuge from Washington's hyperpartisan dysfunction, as shown by the recent work of the bipartisan Cyberspace Solarium Commission. President-elect Joe Biden should have a real opportunity to make progress on shoring up the nation's cybersecurity and cyber capabilities without bumping up against a likely Republican-controlled Senate.