In a recent cyber attack, hackers managed to fraudulently obtain $2.4 million through compromised business emails. However, thanks to the swift action of the U.S. Government, the stolen funds were successfully reclaimed and returned to the rightful victims.
Despite the increasing sophistication of cybercriminals, the authorities remain vigilant in their efforts to protect individuals and businesses from such criminal activities.
Business Emails Hack Scenario
One of the companies, referred to as c1, specializes in selling a wide range of intricate lead frame products and material solutions to the semiconductor packaging industry. The other company, c2, is a manufacturer of heavy equipment and is a regular supplier of lead frame equipment to c1. The attackers were able to successfully loot from this scenario.
In April 2022, C1 received an email from C2 stating that they needed to update their payment information. The reason given was that they were unable to accept payment due to an update. The email was sent to C1 from the actual email address of C2.
So, C1 believed the request and sent $2,462,000. But hackers forged the transfer, gaining all the funds.
Ensure your Cyber Resiliance with the recent wave of cyber-attacks targeting the financial services sector. Almost 60% respondents not confident to recover fully from a cyber attack.
After discovering the fraud, the money was immediately frozen by C1. The United States Secret Service (USSS) then tracked down the sole signatory of the account that received the funds.
During the investigation conducted by the United States Secret Service (USSS), S.T. claimed that he was not the rightful owner of the money and that he had no prior business dealings with C1 or C2. S.T. explained that he had met a group of individuals at a Bitcoin conference around January 2022 and that the group had contracted him to provide his services.
In order to receive payment for his services, S.T. granted the group access to his financial data. According to S.T., communication between him and the organization was primarily conducted through the WeChat messaging app. When S.T. requested payment, the organization denied any allegations of fraud.
Over the past two decades, the federal government has successfully returned over $11 billion in funds that were obtained through illegal means to their rightful owners through the process of federal forfeiture.
According to the report, the Business Email Compromise (BEC) is the main reason for these frauds.
It impacts global corporations, governments, and individuals that use wire transfers for payment, resulting in $8 million in daily losses.
To prevent this, we should be aware of emails by verifying the intended recipient by phone or in person.
Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Try a free trial to ensure 100% security.