You can be on Entrepreneur’s cover!

IBM Uncovers New, Sophisticated Cyber Scam Targeting Businesses It uses a combination of phishing, malware and phone calls that has netted Eastern European cyber criminals more than $1 million.

By Reuters

entrepreneur daily

This story originally appeared on Reuters

IBM has uncovered a sophisticated fraud scheme run by a well-funded Eastern European gang of cyber criminals that uses a combination of phishing, malware and phone calls that the technology company says has netted more than $1 million from large- and medium-size U.S. companies.

The scheme, which IBM security researchers have dubbed "The Dyre Wolf," is small in comparison with more recent widespread online fraud schemes but represents a new level of sophistication.

According to IBM, since last year the attackers have been targeting people working in companies by sending spam email with unsafe attachments to get a variant of the malware known as Dyre into as many computers as possible.

If installed, the malware waits until it recognizes that the user is navigating to a bank website and instantly creates a fake screen telling the user that the bank's site is having problems and to call a certain number.

If users call that number, they get through to an English-speaking operator who already knows what bank the users think they are contacting. The operator then elicits the users' banking details and immediately starts a large wire transfer to take money out of the relevant account.

The use of a live phone operator is what makes the scheme unique, said Caleb Barlow, vice president of IBM Security.

"What's very different in this case, is we saw a pivot of the attackers to use a set of social engineering techniques that I think are unprecedented," said Barlow. "The focus on wire transfers of large sums of money really got our attention."

IBM did not release any details on which companies fell prey to the scheme or the location of the perpetrators.

Once the transfer is complete, the money is then quickly moved from bank to bank to evade detection. In one instance, IBM said, the gang hit the victim company with a denial of service attack - essentially bringing down their Web capabilities - so it would not discover the theft until much later.

International Business Machines Corp's security unit is recommending that companies make sure employees are trained in spotting phishing attacks - where emails or attachments can infect a computer - and to never provide banking credentials to anyone.

The unit published a blog on the issue on its site.

(Reporting by Bill Rigby; Editing by Steve Orlofsky)

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Side Hustle

This Dad Started a Side Hustle to Save for His Daughter's College Fund — Then It Earned $1 Million and Caught Apple's Attention

In 2015, Greg Kerr, now owner of Alchemy Merch, was working as musician when he noticed a lucrative opportunity.

Business News

I Designed My Dream Home For Free With an AI Architect — Here's How It Works

The AI architect, Vitruvius, created three designs in minutes, complete with floor plans and pictures of the inside and outside of the house.

Business News

This Fan-Favorite Masters 2024 Item Is Still $1.50 as Tournament Menu Appears Unscathed by Inflation

The pimento cheese sandwich is a tradition almost as big as the tournament itself.

Business Solutions

Handle In-House Projects More Efficiently with MS Project Pro — Just $24 Through April 16

It's designed to help teams stay on task with features like management templates, timesheets, generators, and more.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business Ideas

7 Link-Building Tactics You Need to Know to Skyrocket Your Website's Rankings

An essential component of SEO, link building is not just a 'Set them and forget them' proposition, but a dance of skills and strategies.