Monday, September 19, 2016

African Phishing Attacks and Money Transfer Woes
Current intelligence from Africa revealed that many clients of CBAO Bank, a well-known West African banking group and the newly created Ivorian-Moroccan bank, Banque Atlantique, have been the targets of recent phishing attacks.  Customers are receiving targeted spoofed e-mails from false bank advisors informing them that, for security measures, they must update their banking information either by filling out a dynamic .pdf and sending it to designated e-mail address, or to connect via a given spoofed link from which online account information is then harvested.  These tactics have been used in Western Europe and the U.S. but might be re-employed due to recent success in Africa.  Additionally, money transfer provider’s trustworthiness is appearing to become an issue in Senegal, which has affected many local residents.  Both these issues are being tracked.  This information is being supplied for your situational awareness. 

Publication date:                           17 September 2016

Handling requirements:                 Traffic light protocol (TLP) GREEN

Attribution/Threat Actors:             African phishing and money transfer providers

Actor Type:                                    Tier II     

Potential Targets:                           International

Past Reporting:                               DOC-3811

The full attribution report has been published in its entirety in the Red Sky Alliance portal.  For more information please contact the lab directly at 844-4-WAPACK, 603-606-1246, or

About Wapack Labs

Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber.  Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information.  The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.