Government Regulations, Phishing, Email security

DOJ, Dutch police take down group selling phishing tools to cybercriminals


The Justice Department on Jan. 30 seized 39 domains of a Pakistan-based network of online marketplaces selling hacking and fraud-enabling tools, operated by the Saim Raza group, also known as HeartSender, in a joint operation with the Dutch National Police.

According to the affidavit filed in support of the seizures, Saim Raza has used these cybercrime websites since at least 2020 to sell phishing toolkits and other fraud-enabling tools to transnational organized crime groups. These organizations used them to target numerous victims in the United States, resulting in over $3 million in victim losses.

The transnational organized crime groups and other cybercrime actors who purchased these tools primarily used them to run business email compromise (BEC) schemes in which the cybercrime actors tricked victim companies into making payments to a third party, according to the DOJ. 

“The takedown of HeartSender reveals how cybercrime has evolved into a sophisticated service industry, where even non-technical criminals can easily purchase and deploy advanced phishing tools to target businesses,” said J. Stephen Kowski, Field CTO at SlashNext Email Security. “While this operation marks a significant victory against BEC infrastructure, the $3 million in documented losses highlights only a fraction of the financial damage these automated phishing operations can inflict on organizations.”

Heath Renfrow, co-founder and CISO at Fenix24, said while he commended law enforcement and those involved in Operation Heart Blocker for their successful efforts, it will have minimal impact on slowing the larger cybercrime epidemic that continues to escalate. Renfrow said for every criminal group disrupted, multiple others remain active or emerge to take their place.

“BECs remain one of the most widespread and financially-devastating cyber threats, yet it garners far less public attention compared to ransomware,” said Renfrow. “The reason is unlike ransomware, which creates immediate operational disruptions that force victims to disclose incidents, BEC fraud is often quietly absorbed by organizations as a financial loss. Companies may be reluctant to report these crimes due to reputational concerns or because the stolen funds are often unrecoverable, leaving little incentive for public disclosure.”

Tom Cross, cybersecurity strategist at Witfoo, added that according to FBI statistics about cybercrime, BECs are second only to investment scams in terms of the total dollar amount being stolen from victims. That’s because business-to-business transactions often involve large amounts of money, said Cross.

“If criminals can inject themselves into those transactions and trick victims into wiring money to the wrong account, they can make off with a significant haul,” said Cross. “It's incredibly important that any business that performs wire transfers to settle accounts or pay suppliers develops very careful processes for validating any change to destination bank account numbers. This is doubly true now that deep fake technology is increasingly accessible to criminals, who can use voice and video to impersonate parties on calls.”
