Symantec Corp. (NASDAQ: SYMC), the worlds leading cyber security
company, today revealed that its intelligence on nearly 1.6 million
phishing sites helped the FBI and other international law enforcement
agencies identify and arrest 74 alleged cybercriminals for Business
Email Compromise (BEC) schemes designed to intercept and hijack wire
transfers from businesses and individuals. Operation
Wire Wire was conducted over a six-month period using intelligence
from Symantecs Project
Dolphin, which spots phishing sites using a one-of-a-kind technique
to compare new webpages to known legitimate sites. The coordinated
effort culminated with 74 arrests in the United States and overseas,
seizure of nearly $2.4 million, and the disruption and recovery of
approximately $14 million in fraudulent wire transfers.
"The Symantec Security Response team responsible for developing Project
Dolphin and assisting the FBI in this operation has an unparalleled
track record when it comes to detecting fraudulent activity. Operation
Wire Wire and Bayrob are prime examples of the collaboration weve
fostered with law enforcement to stop cyber criminals in their tracks,
said Mike Fey, president and chief operating officer at Symantec. "With
the power of Symantecs Global Threat Intelligence Network, I have no
doubt our success record will continue to grow.
BEC and phishing attacks work by luring victims to the phishing site via
email and presenting a believable page that mimics another site. The
victim, thinking they are on the real site, enters their credentials
which are then sent to the "phisherman. Through its research, Symantec
discovered that targets are heavily weighted toward "credential
phishing instead of traditional "financial phishing a shift from the
general assumption within the security and law enforcement industries.
Developed by researchers in Symantecs Global Intelligence Network,
Project Dolphin uses a combination of Web, endpoint, and email
intelligence; cloud infrastructure; image processing, analysis, and
comparison; and a machine learning system, to help identify phishing
sites. It works by visually comparing a screenshot of a possible
phishing site with a saved collection of such sites.
"We identify tens of thousands of malicious websites each day and are
able to help protect our customers against attacks and vulnerabilities
that may result from visiting those sites, said Chris Larsen,
Architect, WebPulse Threat Research Lab at Symantec. "Weve found that
phishermen now commonly target login credentials for email and various
cloud services to steal sensitive data. That means phishing is no longer
just a problem affecting individual users or employees its an
organization-level threat.
Critical data, applications and infrastructure at enterprise
organizations are shifting from behind the firewall to running on the
cloud. Symantecs
Shadow Data Report found that the average enterprise has 1,516 cloud
apps in use, and across all industries, 3 percent of broadly shared
files contain sensitive information like social security numbers, health
records or credit card credentials. Criminals are catching on to this
trend, with Symantecs
Internet Security Threat Report disclosing that 71 percent of all
targeted attacks last year started with spear phishing.
Visit Norton by Symantecs step-by-step guide
on what to do after an email scam for helpful tips like changing
passwords to notifying credit agencies. For organizations, Symantec recommends
expanding their employees' security training to include the full
spectrum of phishing attacks, including the risks of popular cloud apps
and shadow data; re-evaluate their anti-spam and anti-phishing defenses
coverage; and consider solutions for tracking shadow data use. Click
here to learn more about Symantecs
Cloud Generation security resources.
