A sophisticated hacker group named The Florentine Banker tricked three British private equity firms and stole $1.3 million in a complex business email compromise (BEC) attack. According to cybersecurity firm Check Point, nearly $700,000 of the total wire-transferred amount is permanently lost, with the rest recovered after researchers alerted the targeted firms in time.
The Florentine Banker hacker group has been active for at least several years, quickly adapting to new situations, focusing on its targets, manipulating email conversations, registering lookalike web domains, and cashing out wire transfers in phases. In the past, the group mainly targeted the manufacturing, construction, legal, and finance sectors in the US, Canada, Switzerland, Italy, Germany, and India, among others.
The hackers began by sending phishing emails to high-profile individuals in charge of money transactions in order to gain control of their accounts. The attackers used a total of seven different domains, each either a lookalike domain or a website serving the phishing pages. An additional 39 lookalike domains, registered throughout 2018 and 2020 and each trying to pose as a legitimate business, were also found. In the present scenario, hackers are capitalising on the ongoing COVID-19 pandemic to carry out fraudulent wire transfers. Organisations are advised to educate employees about phishing, pay attention to what goes in and out of their inboxes, incorporate email security, and add two-factor authentication to secure accounts.