Threat researchers at Lookout are helping to take down a phishing campaign that has been targeting members of the United States military and their families.
The scammers behind the long-running campaign impersonate military support organizations and personnel to commit advance fee fraud, stealing sensitive personal and financial information for monetary gain.
“Based on our analysis, it’s clear that the threat actor is looking to steal sensitive data from victims such as their photo identification, bank account information, name, address and phone number,” wrote Lookout’s researchers in a blog post on the scam published today.
“With this information, the actor could easily steal the victim’s identity, empty their bank account and impersonate the individual online.”
The campaign’s backbone is a series of websites that have been designed to appear as though they are affiliated with the military. To bring an added touch of authenticity to the sites, the operators add advertisements for Department of Defense services to their malicious content.
The sites offer expensive services that are never delivered, or trick users into thinking that they are in a romantic relationship with a member of the military. Fake services offered include care packages, leave applications, and communication permits.
Infrastructure indicators coupled with open-sourced intelligence point to Nigeria as the scammers’ operational base.
“The websites were primarily hosted by Nigerian providers that are offshore or ignore the Digital Millennium Copyright Act (DMCA),” wrote researchers.
“We were able to further confirm the operator’s location from a phone number one of the web developers accidentally left on the draft version of the site. The country code of the number is from Nigeria.”
So far, researchers have identified 50 military scam sites tied to this threat campaign, which further investigation showed was linked to other cyber-criminal activity.
“We were also able to link this group to numerous other scams advertising fake delivery services, crypto-currency trading, banks and even online pet sales,” wrote researchers.
The researchers at Lookout said that they are not the only individuals who are actively working to combat this particular campaign and expressed their thanks to everyone who is working to stop the scammers.