Security Dealer & Integrator

SEP 2018

Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.

Issue link:

Contents of this Issue


Page 24 of 84

24 Security Dealer & Integrator / September 2018 T he following is based on actual events (the names have been ano- nymized to protect the innocent)… It was a simple transaction, unfold- ing over a period of weeks – but some- one else was watching. e transac- tion involved the transfer of several millions of dollars from Company A to Company B, using their respective bank accounts. e senior person lead- ing the deal for Company A was guid- ing his team, mostly over email…but someone else was watching. At some point, the senior guy (or so it seemed) wrote to his team that the wire instructions for the trans- action had changed. is sometimes happens in commercial transactions, so it did not seem out of the ordinary to the team. His colleagues – thinking that they had been safely instructed by their boss to make the change – then attempted to wire millions of dollars to Company B. ankfully, they mistakenly entered the wrong wire transfer numbers and the money did not transfer. So, the team from Company A called Company B to verify the new instructions. Of course, Company B knew nothing of the new wire instructions – which revealed to the team members of Company A that the instructions seemingly provided by the senior guy were for a totally separate account at a separate bank opened (fraudulently) in the name of the intended recipient. at someone else who was watch- ing was a hacker – a cybercriminal. e hacker had infiltrated the compa- ny's email system – perhaps weeks or months earlier. He was watching email traffic within Company A and came upon a discussion about this pend- ing transaction. He was aware of the details and timing of the transaction and knew who was in charge of the deal for Company A. Using bitcoin – so as to be untrace- able – the hacker purchased an alterna- tive, but nearly identical domain name of Company A and used that false domain to (electronically) impersonate the senior person on the transaction. In fact, the fraudulent domain address created by the hacker only deviated by one digit from Company A's proper domain – so it appeared to the casual reader to be identical. Using the false but nearly identi- cal email address, the hacker inserted himself in the email conversation, omitted the senior person, and then exchanged emails with the remaining team members of Company A. In that exchange, he provided the new (false) wiring instructions to the unsuspect- ing team members. at this criminal plan was thwarted and the money not trans- ferred to the hacker was simply by luck – not by design. Don't Become a Victim Every day, cybercriminals are trying to access your company and personal information, steal and trade on that sensitive data, and even divert your million-dollar wire transfers. ere are no perfect fixes, but observing some or all of the following 10 proto- cols will help keep your company safe from these criminals. Deploying these protections in your organization will help keep your business safe; however, you and your team also must practice, practice, practice. is will protect your company from cybercrime by design, and not by luck as it did above. 1 If you are unsure whether an email request is legitimate – such as a change in wiring instruc- tions – verify the request by con- tacting the recipient directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. 2 Always check the domain name of those from whom you receive emails. It is difficult to even notice the difference between the addresses vs. We receive so many emails, and the differences can be 10 Ways to Avoid Being a Cyber Victim How one false email nearly cost one company millions Legal Brief BY TIMOTHY J. PASTORE, ESQ. Using the false but nearly identical email address, the hacker inserted himself in the email conversation , omitted the senior person, and then...provided the new (false) wiring instructions to the unsuspecting team members." NEW Column

Articles in this issue

Links on this page

Archives of this issue

view archives of Security Dealer & Integrator - SEP 2018