Nigerian 419 scams and 'Silver Spaniel' targets Aussie businesses

Businesses need to be more aware of common malware campaigns such as 'Silver Spaniel' and Nigerian 419 scams, which are targeting Australian organisations, according to Palo Alto Networks.

Nigerian scammers are known for running 419 phishing scams that attempt to collect credit card details or personal information from individuals.

Over the past few years these scammers have expanded their skills to target businesses using more advanced techniques code-named Silver Spaniel.

Palo Alto Networks, Unit 42 intelligence director, Ryan Olson, said the term 419 scams comes from the Nigerian criminal code for this type of fraud.

"Despite the origins of the term, we are also seeing 419 scams originating from other countries," he said.

"This will continue to be an international problem. And now the evolution of 419 scams to Silver Spaniel is a real concern for Australian businesses."

Olson said Silver Spaniel actors were using new techniques to perform business infiltrations.

Read more:Employers urged to let staff stream live FIFA World Cup matches

"Their objective is to steal password and other data they can use to further compromise their victims," he said.

"This new approach is an evolution of the technique in that criminals are using malware and a crypter program to collect the information they previously got by tricking victims through social engineering.

"What's more, their techniques collect the desired information from businesses without requiring a direct interaction.

"Australian businesses must consider themselves potential new targets for Silver Spaniel and act to avoid becoming a target."

Attackers are now using the same tools that more sophisticated criminal and espionage groups deploy to steal information.

These include NetWire, a commercial Remote Administration Tool that targets Windows, MacOS and Linux, and gives attackers control of an infected system.

Read more:Distribution Central helps Palo Alto Networks' partners with remote install service

The other is DataScrambler, a 'crypter', which is designed to make malware fully undetectable to antivirus software.

This means that traditional antivirus programs and firewalls are ineffective against the attacks because the tools are specifically designed to evade them. The tools update on a regular basis to stay ahead of the industry.

Olsen said a business that was experiencing one of these attacks might assume it came from Eastern Europe or a hostile espionage group.

"But in reality it's a new threat group they haven't had to worry about in the past," he said.

"This is yet another threat group that businesses need to worry about, adding to an already long list."

Read more:BYOD challenge remains despite progress: Palo Alto Networks

This story, "Nigerian 419 scams and 'Silver Spaniel' targets Aussie businesses" was originally published by ARNnet.

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.