Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Cybersecurity company Agari detailed a newly discovered Nigerian email scam team, dubbed "Scattered Canary," composed of dozens of members, in a new report released Wednesday.

Why it matters: Unlike with criminal hackers and espionage groups, there is not as much research into the taxonomy of actors in email fraud, but since it can siphon off as much as $2 billion each year, it's a threat worth understanding.

The big picture: Agari won't publicly discuss its methods for gaining intelligence on Scattered Canary. But given methods they've used to detail similar groups in the past, which were only shared with Axios under the condition that they not be included in stories, they have extensive visibility on how a group operates, who is involved and their criminal history.

  • "We have a 10-year look on how this developed from a single individual into a group that comprises at least 35 people that we know of," Crane Hassold, senior director of threat research at Agari, told Axios.

Background: Scattered Canary started as a small-time operation in 2008 — a single actor dubbed "Alpha" running Craigslist scams with the help of a more seasoned mentor, dubbed "Omega." The tandem committed 419 total Craigslist scams, averaging $24,000 in profits.

  • Alpha is currently engaged and has three kids. In 2010, he began running romance scams, extorting money from victims and using them to do menial tasks in other scams, such as opening bank accounts.
  • In 2015, Alpha started scamming corporations and began hiring additional employees.

Details: Like other groups, Scattered Canary uses commercial lead generation services to compile lists of potential victims.

  • Since 2017, the group has perpetuated several fraudulent attacks on the U.S. government, including filing 13 tax returns and 11 Social Security benefit applications. It's also filed applications for Texas unemployment benefits under 9 identities and applications for FEMA disaster assistance under 3 identities.
  • Agari lists several email accounts associated with the group in its report.

The bottom line: Conventional hackers may get most of the attention, but email fraud is a thriving industry with a higher return on investment.

  • Hassold says, "I'm worried about what happens when the Eastern European, Russian and Southeast Asian groups realize, 'Why are we spending so much money on infrastructure and paying developers to develop malware when we could just send an email to someone, ask them to send us money and they'll do it?'" 

Go deeper: Email scammers take advantage of Gmail dot feature

Go deeper

7 hours ago - Health

FDA advisory panel recommends Pfizer boosters for those 65 and older

A healthcare worker prepares a dose of the Pfizer-BioNTech Covid-19 vaccine at the Key Biscayne Community Center on Aug. 24, 2021. Photo: Eva Marie Uzcategui/Bloomberg via Getty Images

A key Food and Drug Administration advisory panel on Friday overwhelmingly voted against recommending Pfizer vaccine booster shots for younger Americans, but unanimously recommended approving the third shots for individuals 65 and older, as well as those at high-risk of severe COVID-19.

Why it matters: While the votes are non-binding, and the FDA must still make a final decision, Friday's move pours cold water on the Biden administration's plan to begin administering boosters to most individuals who received the Pfizer vaccine later this month.

8 hours ago - World

France recalls ambassadors from U.S. and Australia over submarine deal

Secretary of State Antony Blinken (L), French Foreign Minister Jean-Yves Le Drian (C), and French ambassador to the U.S. Philippe Etienne. Photo: Nicholas Kamm/AFP via Getty Images

France has taken the extraordinary step of recalling its ambassadors to the U.S. and Australia after both countries blindsided their French allies with a new military pact and submarine contract, the French Foreign Ministry announced on Friday.

The backstory: While sealing an agreement with the U.S. and U.K. to acquire nuclear submarines, Australia ripped up an existing $90 billion submarine deal with France. That led senior French officials to accuse the U.S. of a "stab in the back."

Updated 8 hours ago - World

In reversal, Pentagon now says drone strike killed 10 Afghan civilians

Caskets for the dead are carried towards the gravesite as relatives and friends attend a mass funeral for members of a family that is said to have been killed in a U.S. drone airstrike, in Kabul on Aug. 30. Photo: Marcus Yam/Los Angeles Times via Getty Images

A U.S. drone strike launched on Aug. 29 killed 10 civilians in Afghanistan, including seven children, rather than the Islamic State extremists the Biden administration claimed it targeted, the Pentagon said Friday.

Why it matters: U.S. Central Command said at the time that officials "know" the drone strike "disrupted an imminent ISIS-K threat" to Kabul's airport, and that they were "confident we successfully hit the target."