Today's cybercriminals are willing to go to great lengths to see their scams succeed.
Cybercriminals were able to divert well over $1 million in funds from a PE firm back in December, according to a newly released CPIRT report. This business email compromise (BEC) attack involved targeting specific firms, a ton of intel gathering, malicious mailbox rules, lookalike domains, impersonation, and either intercepting existing wire transfers or starting new ones.
Here’s how the scam works:
In all, the PE firm was scammed out of $1.2 million, with only about half of the money being recovered.
So, what can organizations learn from this kind of scam?
There are a few best practices to put into place that could have prevented this scam:
Two-factor authentication is one big step for us to further secure your business network, but one of the greatest company defenses is a strong human firewall. Please look for more upcoming Security Awareness Training.
Senior Network Engineer