B2B Payments

IBM Discovers Cybercrime Ring Targeting Canadian Businesses

IBM X-Force, the cybersecurity intelligence and research unit of IBM, has reportedly discovered a cybercriminal ring operating out of Ukraine targeting Canadian businesses.

Recent reports in Security Intelligence said the criminals are deploying custom phishing attacks against business customers of Canadian banks to gain access to their bank credentials, passwords and authentication codes. The attackers send a spear phishing email to a target with seemingly legitimate contents, including a bank logo.

The emails are sent with PDF attachments designed to hide from detection tools. Analysts said it is possible that the criminals may have first deployed an earlier attack on their targets to learn more about the companies' account information before launching the PDF-related attack. The PDFs urge readers to synchronize their devices and re-activate with one-time passwords and tokens, while links in the PDF send users to phishing sites.

The scheme is designed to give attackers access to business bank accounts.

According to IBM X-Force, the same attackers have also been operating a separate ring targeting consumers, though cybercriminals have recently been heightening their focus on corporate victims and high-value accounts.

The cybercrime ring identified by IBM X-Force is one of several that have taken to targeting businesses in recent months. Last June, in the wake of WannaCry, Bloomberg reported on another “massive cyberattack” originating in Europe. Investigators found Mondelez International, A.P. Moller-Maersk and BNP Paribas Real Estate to be among the targeted victims.

A research report released in October by Deutsche Bank and Economist Intelligence Unit found cybercriminals are particularly interested in targeting the corporate treasury department, which holds a trove of sensitive company and customer data.

“Sophisticated cybercriminals often use social engineering and insight information to execute high-value thefts via corporate treasuries,” said Deutsche Bank head of cash management Michael Spiegel, in a statement at the time. “Our research has identified serious gaps in corporate defense, including vulnerabilities hidden with third parties and their subcontractors. This gives cybercriminals the opportunity to steal data.”



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.