https://motherboard.vice.com/en_us/article/d3b3xk/the-fbi-created-a-fake-fedex-website-to-unmask-a-cybercriminal
By Joseph Cox
Motherboard.vice.com
Nov 26, 2018

The FBI has started deploying its own hacking techniques to identify
financially-driven cybercriminals, according to court documents unearthed
by Motherboard. The news signals an expansion of the FBI's use of tools
usually reserved for cases such as child pornography and bomb threats. But
it also ushers in a potential normalization of this technologically-driven
approach, as criminal suspects continually cover up their digital trail
and law enforcement have to turn to more novel solutions.

The two 2017 search warrant applications discovered by Motherboard both
deal with a scam where cybercriminals trick a victim company into sending
a large amount of funds to the scammers, who are pretending to be someone
the company can trust. The search warrants show that, in an attempt to
catch these cybercriminals, the FBI set up a fake FedEx website in one
case and also created rigged Word documents, both of which were designed
to reveal the IP address of the fraudsters. The cases were unsealed in
October.

"What kinds of criminals mask their location, and for what kinds of
crimes? Child pornography, yes; violent threats, yes; but also
organized-crime rings engaged in cybercrime. A business email compromise
scam, like those at issue in these warrants, falls squarely in that camp,"
Riana Pfefferkorn, associate director of surveillance and cybersecurity at
the Stanford Center for Internet and Society, told Motherboard in an
online chat after reviewing the documents.

The first case centers around Gorbel, a cranes and ergonomic lifting
manufacturing company headquartered in Fishers, New York, according to
court records. Here, the cybercriminals used a long, potentially confusing
and official-looking email address to pose as the company's CEO Brian Reh,
and emailed the accounts team asking for payment for a new vendor. The
fraudsters provided a W9 form of a particular company, and the finance
department mailed a check for over $82,000. Gorbel noticed the fraudulent
transaction, and brought in the FBI in July. Shortly after, Gorbel
received other emails pretending to be Reh, asking for another transfer.
This time, the finance department and FBI were ready.
[...]