Hackers target 35,000 CFOs in spear phishing campaign

The Financial Times has reported this morning that a hacker group has compiled a list of 35,000 chief financial officers, some working at the world’s biggest banks and mortgage companies, so it can target them with requests to transfer money.  The “London Blue” hackers are the latest group to focus on “business email compromise” campaigns, according to the cyber threat detection company Agari, which found a list of 50,000 targets. Most of the rest of the people on the list were in accounting departments.


Commenting on this, Corin Imai, senior security advisor at DomainTools said:

“This revelation should be a serious concern to businesses. BEC fraud can have devastating consequences for the organisation targeted; The amounts of money involved more than often outweigh those associated with the more general phishing scams, which cast a wide net in the hopes of securing multiple payments. These scams prey on the high-pressure environments of large corporations, hoping that those responsible for transferring funds will be more concerned with completing the task quickly than by making sure it is an authentic request. CFOs should make efforts to verify any requests that they find unusual– Taking slightly longer to make a transfer is significantly better than unwittingly helping to facilitate a fraudulent transaction.”

Javvad Malik, security advocate at AlienVault added:


“It should come as no surprise for companies to experience BEC or similar targeting phishing attacks against CEO’s, CFO’s and other executives. 


It is a social engineering attack which relies on fooling the recipients into making payments. Therefore, educating and making execs aware of these scams is the first step in nipping the problem in the bud. Additional measures can be taken whereby double authorisation is needed to setup a new recipient or to send large payments.”