Source URL: https://krebsonsecurity.com/2025/07/phishers-target-aviation-execs-to-scam-customers/
Source: Krebs on Security
Title: Phishers Target Aviation Execs to Scam Customers
Feedly Summary: KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. An investigation into the attacker’s infrastructure points to a long-running Nigerian cybercrime group that is actively targeting established companies in the transportation and aviation industries.
AI Summary and Description: Yes
**Summary:** The text details a phishing incident within the transportation industry, highlighting a coordinated attack by a Nigerian cybercrime ring known as SilverTerrier. This case illustrates the rising threat of Business Email Compromise (BEC), a form of cybercrime that costs organizations billions annually. The piece also discusses preventive measures and emphasizes the importance of familiarizing organizations with the “financial fraud kill chain” to recover fraudulent payments.
**Detailed Description:**
The incident described involves a malicious phishing scheme that successfully compromised an executive’s email account. As a result, scammers sent fraudulent invoices to the organization’s customers, leading to significant financial loss. Here are the major points covered:
– **Phishing Attack Overview:**
– An executive at a transportation company fell victim to a phishing attack, leading to stolen credentials and compromised email.
– Attackers created a look-alike domain similar to the company’s legitimate domain to send fake invoices.
– At least one customer fell victim to this scam, resulting in a six-figure financial loss.
– **Cybercrime Ring – SilverTerrier:**
– The attackers are linked to a long-standing Nigerian cybercrime group named SilverTerrier, known for executing complex BEC scams.
– SilverTerrier employs social engineering and computer intrusion tactics to access legitimate business email accounts to manipulate financial transactions.
– **Organization and Scope of Operations:**
– The group has been active since at least 2012, with hundreds of BEC fraudsters arrested in various international operations.
– BEC scams were recently cited by the FBI as costing victims nearly $2.8 billion in reported losses in 2024.
– **Indicators of Compromise (IoCs):**
– The text presents useful IoC data and email addresses linked to the attackers which can help cybersecurity teams track and mitigate threats.
– Connection between multiple phishing domains and email addresses is illustrated, revealing the interconnected nature of cybercriminal networks.
– **Financial Fraud Kill Chain (FFKC):**
– The FBI’s Financial Fraud Kill Chain process provides a framework for organizations to recover funds wired to fraudsters.
– Victims are encouraged to file complaints promptly to increase the chances of freezing the fraudulent transactions, with a noted 66% success rate in 2024 for timely complaints.
– **Recommendations for Organizations:**
– Regular security training for employees.
– Reviewing and updating network security policies.
– Familiarizing with processes like the Financial Fraud Kill Chain to increase the likelihood of recovering funds after a BEC incident.
This analysis underscores the necessity for organizations to enhance their email security protocols, educate their workforce about phishing threats, and adopt established frameworks to respond to and recover from cybercrime incidents effectively.