Contact Contact Us

WEEKLY COMMENTS

The London Blue cybercriminal group has expanded its business email scam (BEC) operations to include Asia Pacific, targeting countries such as Hong Kong, Singapore, Malaysia and Australia. The group previously generated a hit-list of 50,000 executives, of which 70% were CFOs from major banks and mortgage companies based in the US and Europe. In recent campaign, this list has shrunk to about 8,500 financial executives and with more attacks targeting employees in Asia working for companies based in the US, Europe or Australia. London Blue uses spear phishing emails that contain no malware to minimise signature. Instead, the group relies on social engineering to trigger a fund transfer with the request typically originating from a senior executive and involving some form of urgency to bypass internal checks.

References:
[1] London Blue: April 2019 Update (PDF)

Ensign InfoSecurity Singapore
30A Kallang Place
#08-01
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883