Endpoint

3/12/2018
01:48 PM
50%
50%

Georgia Man Pleads Guilty to Business Email Compromise Attacks

Kerby Rigaud has pleaded guilty to using BEC attacks in attempts to steal more than $1 million from US businesses.

The leader of an international business email compromise scam is heading to jail. The incarceration comes courtesy of a Secret Service investigation, a US attorney prosecution, and a guilty plea.

Kerby Rigaud, 27, of Duluth, Ga. pleaded guilty to a variety of charges related to the fact that from April 2015 through April 2016, he served as a key player in an international business email compromise scam that hit victims across the United States. According to court documents, Rigaud recruited associates to help with both ends of the scam. On the email side, he had co-conspirators send email with spoofed addresses asking for wire transfers into a number of different bank accounts. On the bank account side, he recruited individuals to provide their account information as transfer destinations, then told them where to send the proceeds once obtained.

The U.S. prosecutor's office says that Rigaud and his associates tried to steal more than $1 million dollars from various businesses around the US. Sentencing in the case is scheduled for June 14, 2018.

For information, see the US Department of Justice release, here

 

Interop ITX 2018

Join Dark Reading LIVE for two cybersecurity summits at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the Interop ITX 2018 agenda here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Compliance and Risk Management Officer, AvePoint, Inc,  8/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1394
PUBLISHED: 2018-08-20
Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138425.
CVE-2018-1517
PUBLISHED: 2018-08-20
A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.
CVE-2018-1656
PUBLISHED: 2018-08-20
The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882.
CVE-2015-5160
PUBLISHED: 2018-08-20
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.
CVE-2015-5243
PUBLISHED: 2018-08-20
phpWhois allows remote attackers to execute arbitrary code via a crafted whois record.