Scattered Canary – The Evolution Of A West African Cybercriminal Organization
The Evolution and Inner Workings of a West African
Cybercriminal Startup Turned BEC Enterprise
An Agari Special Report
Scattered Canary – A West African CriminalCriminal A criminal is any person who through a decision or act engages in a crime. This can be complicated, as many people break laws unknowingly, however, in our context, it is a person who makes a decision to engage in unlawful acts or to place themselves with others who do this. A criminal always has the ability to decide not to break the law, or if they initially engage in crime to stop doing it, but instead continues. Enterprise
These scammers have ripped off as much as $36B in unemployment benefits in 2020 alone!
In a first, Agari has cataloged the evolution of a Nigerian cybercriminal organization from its emergence as a one-man shop into a powerful business email compromise (BEC) enterprise employing dozens of threat actors.
An Agari Threat Actor Dosier
The following is copyright © 2019 Agary, and is presented to expand awareness of this criminal enterprise and to help victims understand the scope of organizational growth in West African scamming. We greatly appreciate their courtesy in being able to display their work unchanged here.
From the Scattered Canary Dosier Executive Summary
BEC has continued to grow, taking the number one spot for greatest financial losses from Internet crime. In a recent report, the FBIFBI FBI - Federal Bureau of Investigation The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, the FBI is also a member of the U.S. Intelligence Community and reports to both the Attorney General and the Director of National Intelligence. A leading U.S. counter-terrorism, counterintelligence, and criminal investigative organization, the FBI has jurisdiction over violations of more than 200 categories of federal crimes, including financial fraud.’s Internet Crime Complaint Center (IC3) reported that more than 20,000 businesses lost nearly $1.3 billion to BEC attacks in 2018. Globally, BEC attacks have cost more than $13 billion in losses over the past five years.
But with the West African gangGang A gang is normally a group or society of associated criminals with a defined leadership and internal organization that identifies with or claims control over a territory or business practice in a community and engages, either individually or collectively, in illegal, and possibly violent, behavior. Online gangs are not limited by territory and may operate side by side with other gangs while engaging in crime online. Some members of criminal gangs are initiated (by going through a process of initiation), or have to prove their loyalty and right to belong by committing certain acts, usually theft or violence, or rituals. Gangs are usually rougher and more visible than scammer cartels, and more often arrested. we’ve named Scattered Canary, we have a deeper look at how business email compromise is connected to the rest of the cybercrimeCybercrime Cybercrime is a crime related to technology, computers, and the Internet. Typical cybercrime are performed by a computer against a computer, or by a hacker using software to attack computers or networks.. With over ten years of visibility into Scattered Canary’s operations, we have deep insight into how the group grew from a single cybercriminal working Craigslist scamsScams A Scam is a confidence trick - a crime - is an attempt to defraud a person or group after first gaining their trust through deception. Scams or confidence tricks exploit victims using their credulity, naïveté, compassion, vanity, irresponsibility, or greed and exploiting that. Researchers have defined confidence tricks as "a distinctive species of fraudulent conduct ... intending to further voluntary exchanges that are not mutually beneficial", as they "benefit con operators ('con men' - criminals) at the expense of their victims (the 'marks')". A scam is a crime even if no money was lost. into an entire organization that consists of dozens of criminals, each with specific tasks.
When the first member of Scattered Canary, who, for the purposes of this report, we call Alpha, began his operations, he was a lone wolf—working mostly Craigslist scams as he learned the tricks of the trade from a mentor. However, within a few years, he had honed his craft enough to expand into romance scams, where he met his first “employee,” Beta. Once they had secured enough mules via their romance scams to launder their stolen money, they shifted from targeting individuals to targeting enterprises, and the group’s BEC operation was born.
Since its inception, at least 35 different actors have joined Scattered Canary in its fraudulent schemes. The group has turned to a scalable model through which they can run multiple types of scams at the same time. And with multiple tools designed to help them expand their operations and stay hidden from law enforcement, it is no wonder that they are seeing massive success.
While BEC remains a favorite due to its ease and success, a look into Scattered Canary’s operations demonstrates that these groups are not one-trick ponies. At any given time, Scattered Canary is involved in a number of different types of scams simultaneously—including romance scams, tax fraudFraud In law, fraud is intentional deception to secure unfair or unlawful gain (money or other assets), or to deprive a victim of a legal right. Fraud can violate civil law (e.g., a fraud victim may sue the fraud perpetrator to avoid the fraud or recover monetary compensation) or criminal law (e.g., a fraud perpetrator may be prosecuted and imprisoned by governmental authorities), or it may cause no loss of money, property, or legal right but still be an element of another civil or criminal wrong. The purpose of fraud may be monetary gain or other benefits, for example by obtaining a passport, travel document, or driver's license, or mortgage fraud, where the perpetrator may attempt to qualify for a mortgage by way of false statements. A fraud can also be a hoax, which is a distinct concept that involves deliberate deception without the intention of gain or of materially damaging or depriving a victim., social security fraud, employment scams, and more. And this is only one organization, out of the hundreds currently residing in West Africa and around the world.
With this much involvement between members, and so much connection between crime type, we must look at the bigger picture to truly understand the enormity of the cybercrime problem.
If Scattered Canary can be seen as a microcosm for the rapidly evolving organizations behind today’s most pernicious email scams, this report emonstrates that a much more holistic approach—one based on threat actor identity rather than type of fraudulent activity—is required to detect email fraud and protect organizations.
Additional & Updated Information About Scattered Canary
- Scattered Canary Cybercrime Ring Exploits the COVID-19 Pandemic with Fraudulent Unemployment and CARES Act Claims | Agari
- The Nigerian Fraudsters Ripping Off the Unemployment System | WIRED
- How missed ‘red flags’ helped Nigerian fraud ring ‘Scattered Canary’ bilk Washington’s unemployment system amid coronavirus chaos | The Seattle Times
- Scattered Canary Behind Hundreds of Fraudulent Unemployment Claims (tripwire.com)
- Scammers have ripped off as much as $36B in unemployment benefits this year (thehustle.co)
- West Africa’s Scattered Canary gang shows how cybercriminals supersize email scams – CyberScoop
PLEASE SHARE OUR ARTICLES WITH YOUR FRIENDS & FAMILY
HELP OTHERS STAY SAFE ONLINE – YOUR KNOWLEDGE CAN MAKE THE DIFFERENCE!
THE NEXT VICTIM MIGHT BE YOUR OWN FAMILY MEMBER OR BEST FRIEND!
By the SCARS™ Editorial Team
Society of Citizens Against Relationship ScamsSCARS SCARS - Society of Citizens Against Relationship Scams Inc.
A government registered crime victims' assistance & crime prevention nonprofit organization based in Miami, Florida, U.S.A. SCARS supports the victims of scams worldwide and through its partners in more than 60 countries around the world. Incorporated in 2015, its team has 30 years of continuous experience educating and supporting scam victims.
Visit www.AgainstScams.org to learn more about SCARS. Inc.
A Worldwide Crime Victims Assistance & Crime Prevention Nonprofit Organization Headquartered In Miami Florida USA & Monterrey NL Mexico, with Partners In More Than 60 Countries
To Learn More, Volunteer, or Donate Visit: www.AgainstScams.org
Contact Us: Contact@AgainstScams.org
Your Feedback!
Please share your feedback below. Hearing from victims helps us refine our knowledge about scammer’s processes and methods, and then be able to better share factual authoritative information with victims worldwide. Please scroll down and share your thoughts and comments. What you think and experienced matters.
Please Share:
Please share our articles and knowledge with your friends & family. This is important!
Help others stay safe online – your knowledge can make the difference for both those being groomed and victims! The next victim might be your own family member or best friend!
By the SCARS™ Editorial Team
Society of Citizens Against Relationship Scams Inc.
A Worldwide Crime Victims Assistance & Crime Prevention Nonprofit Organization Headquartered In Miami Florida USA & Monterrey NL Mexico, with Partners In More Than 60 Countries
To Learn More, Volunteer, or Donate Visit: www.AgainstScams.org
Contact Us: Contact@AgainstScams.org
Leave A Comment