Symantec Provides Key Intelligence to FBI for 74 Cybercriminal Arrests

Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, today revealed that its intelligence on nearly 1.6 million phishing sites helped the FBI and other international law enforcement agencies identify and arrest 74 alleged cybercriminals for Business Email Compromise (BEC) schemes designed to intercept and hijack wire transfers from businesses and individuals. Operation Wire Wire was conducted over a six-month period using intelligence from Symantec’s Project Dolphin, which spots phishing sites using a one-of-a-kind technique to compare new webpages to known legitimate sites. The coordinated effort culminated with 74 arrests in the United States and overseas, seizure of nearly $2.4 million, and the disruption and recovery of approximately $14 million in fraudulent wire transfers.

"The Symantec Security Response team responsible for developing Project Dolphin and assisting the FBI in this operation has an unparalleled track record when it comes to detecting fraudulent activity. Operation Wire Wire and Bayrob are prime examples of the collaboration we’ve fostered with law enforcement to stop cyber criminals in their tracks,” said Mike Fey, president and chief operating officer at Symantec. "With the power of Symantec’s Global Threat Intelligence Network, I have no doubt our success record will continue to grow.”

BEC and phishing attacks work by luring victims to the phishing site via email and presenting a believable page that mimics another site. The victim, thinking they are on the real site, enters their credentials which are then sent to the "phisherman.” Through its research, Symantec discovered that targets are heavily weighted toward "credential phishing” instead of traditional "financial phishing” – a shift from the general assumption within the security and law enforcement industries.

Developed by researchers in Symantec’s Global Intelligence Network, Project Dolphin uses a combination of Web, endpoint, and email intelligence; cloud infrastructure; image processing, analysis, and comparison; and a machine learning system, to help identify phishing sites. It works by visually comparing a screenshot of a possible phishing site with a saved collection of such sites.

"We identify tens of thousands of malicious websites each day and are able to help protect our customers against attacks and vulnerabilities that may result from visiting those sites,” said Chris Larsen, Architect, WebPulse Threat Research Lab at Symantec. "We’ve found that phishermen now commonly target login credentials for email and various cloud services to steal sensitive data. That means phishing is no longer just a problem affecting individual users or employees – it’s an organization-level threat.”

Critical data, applications and infrastructure at enterprise organizations are shifting from behind the firewall to running on the cloud. Symantec’s Shadow Data Report found that the average enterprise has 1,516 cloud apps in use, and across all industries, 3 percent of broadly shared files contain sensitive information like social security numbers, health records or credit card credentials. Criminals are catching on to this trend, with Symantec’s Internet Security Threat Report disclosing that 71 percent of all targeted attacks last year started with spear phishing.

Visit Norton by Symantec’s step-by-step guide on what to do after an email scam for helpful tips like changing passwords to notifying credit agencies. For organizations, Symantec recommends expanding their employees' security training to include the full spectrum of phishing attacks, including the risks of popular cloud apps and shadow data; re-evaluate their anti-spam and anti-phishing defenses’ coverage; and consider solutions for tracking shadow data use. Click here to learn more about Symantec’s Cloud Generation security resources.

About Symantec

Symantec Corporation (NASDAQ: SYMC), the world's leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec's Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world's largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on Facebook, Twitter, and LinkedIn.

View source version on businesswire.com: https://www.businesswire.com/news/home/20180815005719/en/