Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Aïda Amer/Axios

Email scammers are just like any other small business: They need leads, and commercial lead-generation services — the same kind many salespeople use — are providing them.

The big picture: Email scams targeting businesses, usually referred to as business email compromise scams, can seem unsophisticated. They typically take the form of fake invoices or emails from executives asking for money transfers. But like any other kind of enterprise, they care a lot about finding new clients — or, in their case, victims.

Background: In the past, we've covered how criminal groups operate like corporations, from their help wanted ads to their customer support hotlines. This is just the latest example.

  • Email fraudsters became known as "Nigerian scammers" in the early days of the web, when people around the world started to receive messages from bogus Nigerian princes seeking cash assistance. But the name is apt — the major groups actually do operate out of West Africa, and particularly Nigeria.

Details: "Of the West African groups we've profiled, nearly all of them use lead-generation sites," said Crane Hassold, senior director of threat research at Agari, a firm that tracks how email scam groups operate.

  • The criminal groups Agari has observed all used different lead-generation firms.
  • The sites offer users customizable searches for targets. For example, you could look up chief financial officers for tech companies of a certain size and revenue in California.
  • The groups Agari has tracked would sign up for free trials under a series of email accounts using the "Gmail dot" trick, though one group, nicknamed London Blue, outright purchased a $1,500 yearly subscription to a service last year. London Blue went on to download 50,000 leads in 6 months.

The groups could craft and refine a single spear-phishing email that would work against a wide variety of similar executives just by substituting different company names and small details.

  • It's more efficient than the older method of target acquisition — scraping lists of names from websites — but it still takes time to work. It took 18 days after a scammer downloaded the name of an Agari executive, said Hassold, before a phishing email arrived.
  • Targeting Agari isn't a particularly bright move, all things considered, but once the scammers get a name from a lead-generation service, they don't do further research. If they cast a wide enough net to find someone who takes the bait, they don't need to.

What they're saying: Axios reached out to six lead-generation firms that criminal groups used in the past, as identified by a security source that asked to remain anonymous to protect its information-gathering operation. None of the firms responded.

  • A quick look around the industry shows these services don't use upfront screening policies that would thwart scammers. And even a firm that did have screening policies in place appeared unaware of the scammer problem and was screening mostly to prevent spam.

The bottom line: Business email compromises reported to the FBI cost firms more than $1.2 billion in the United States alone in 2018, double the proceeds of 2017.

Go deeper: A look inside a Nigerian email scam group active since 2008

Go deeper

Bill Gates faces scrutiny over relationship with Microsoft employee, Epstein ties

Photo: Alessandro Di Ciommo/NurPhoto via Getty Images

Representatives for Bill Gates pushed back on claims Sunday that he left Microsoft's board because of an earlier sexual relationship and against two other reports detailing more extensive ties with Jeffrey Epstein than had previously been reported.

Driving the news: Microsoft said in an emailed statement to Axios that it "received a concern" in 2019 that its co-founder "sought to initiate an intimate relationship with a company employee in the year 2000," but denied a Wall Street Journal report that its board members thought Gates should resign over the matter.

AT&T in talks with Discovery to combine media assets

Illustration: Annelise Capossela/Axios

AT&T is in talks with media giant Discovery about merging its media assets, like CNN, TBS and TNT, according to two sources familiar with the discussions.

Why it matters: A potential merger could allow AT&T and Discovery to better compete with entertainment giants like Disney and Netflix in the video streaming wars.

Updated 5 hours ago - Politics & Policy

Franklin Graham worries Trump too old to run in 2024

Graham and Trump at a rally in 2017. Photo: Ralph Freso/Getty Images

The Rev. Franklin Graham says a potential 2024 presidential bid by Donald Trump would "be a very tough thing to do," the prominent Christian leader told "Axios on HBO."

Why it matters: Graham, the president of the Billy Graham Evangelistic Association and Samaritan's Purse, was among Trump's earliest and most prominent evangelical defenders.