Skip to main content
0 Results Found
              Back To Results

                Beating Nigerian Social Engineers at Their Own Game

                Offense-in-depth means causing damage to criminal operations

                Nigerian phishing emails have become a joke.

                But while there has long been a high volume of low-level Nigerian phishing scams that target indiscriminately, there are also many sophisticated threat actors operating in Nigeria. These actors target executives and businesses in spear phishing campaigns that use an external email account to spoof communications from legitimate sources, or hijack an official account to intercept payments and transactions. Far from being a laughing matter, these methods have inflicted billions of dollars of damage on businesses worldwide.

                So it’s especially satisfying to beat these actors at their own game. In this case study, Secureworks® Counter Threat Unit™ (CTU) researchers spot a spear phishing email from a Nigerian threat actor targeting a large U.S business. CTU researchers started a conversation with the threat actor, playing the role of willing victim. By employing advanced social engineering techniques back at the threat actor, CTU researchers obtained a frankly surprising amount of personal information about the adversary, including a number of bank accounts, as well as Facebook and WhatsApp handles. As it turns out, even the social engineers can be duped by their own tricks.

                Secureworks calls this tactic offense-in-depth. The primary goal is to uncover personal information about the criminal and cause as much damage to their operation as possible. This means foregoing simple takedowns of infrastructure which can be quickly replaced, in favor of longer-lasting, and more damaging measures.

                We generate around 2 billion events each month. With Secureworks, we are able to crunch down that number to 20-30 high fidelity alerts — and that makes my team's job much easier.
                Sunil Saale, Head of Cyber and Information Security, Minter Ellison
                With Secureworks Taegis ManagedXDR, I have the peace of mind that my environment is being monitored 24x7 and if a threat actor tries to attack Secureworks will alert me, quickly investigate, and collaborate to fully resolve before damage can be done.
                Jerry Ryan, VP of IT, We Florida Financial

                Why Secureworks?

                Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that protects customer progress with Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

                Close Modal
                Close Modal