A new hacking campaign is scamming internet users in West Africa by convincing them that they're being contacted by American investors and financial advisors.
Researchers have been unable to track the hacker group behind the campaign.
-
Hackers target their victims by first selecting financial advisor targets from the United States government's publicly available advisor certification records. Then they find biographical data on
employer websites, professional histories on LinkedIn, and social media accounts. Some of the websites where hackers have stolen this information are FINRA's BrokerCheck and the
SEC's Investment Adviser Public Disclosure.
-
After creating fake profiles, they target victims on social media with video ads, emails, and other forms of communication to convince them to invest in schemes that promise to return large profits to them in
a short period of time.
- Some campaigns have led their targets to impersonation websites that have live chat, allowing them to interact with what they believe is an investor.
-
Researchers have found that many of these websites are being hosted by a company named SpeedHost247. While this company claims to be based in Canada, researchers have tied it with cellphone numbers used in
Florida and Nigeria.
