From: RegTech Analyst
New malware strains and ransomware holding businesses hostage might get a lot of headlines, but this group of hackers managed to steal $1m by simply copying the victims’ websites.
An unnamed Chinese venture capital firm and an Israeli startup have fallen victim to scammers who simply registered two web domains.
Following the attack, cybersecurity firm Check Point Software investigated the crime, Dark Reading reported.
The report stated that the attack began a few months before the transaction was set to occur.
The scammers kicked it off by compromising the Israeli startup’s email, enabling the hackers to get information about the transaction.
The hackers then registered two web domains (one pretending to be the VC and the other impersonating the startup), each differing from the genuine domain only by an added S.
Next, the hackers used the domains to send each party an email, pretending to be the other participant of the upcoming seed round.
This helped the criminals establish themselves as the man in the middle that got all the emails first.
In turn, this enabled the hackers to receive the email from each party and alter whatever details they wanted before sending it along to the original recipient.
Over the course of 32 emails, the attackers replaced the bank account information that was sent to the investors, meaning that the seed money meant for the startup was sent to the attackers instead.
Check Point Software’s researchers added that the attack highlights the need for businesses to have the ability to scan for lookalike sites to avoid falling prey to scammers.
Copyright © 2019 FinTech Global