321546

Wednesday 12 July 2017

More Social Engineering Fraud

My last post was about the ever increasing scourge of "Social Engineering", which is one of the hottest topics in the insurance industry these days. BlueCircle deals with all sorts of insurers who have a well spread variety of cyber-risk insurance and building proper coverage for losses associated with this latest plague of internet scams is now at the forefront.

image courtesy of SysTools


And, just in case you don't think this is a real threat to your personal or company's financial health, how about the case of both Google and Facebook back in 2013, 2014 and 2015. Yes, two giants in the internet and tech worlds and both duped into paying upwards of $100 million to a Lithuanian man who sent out numerous phishing e-mails to employees of these two firms.

The accused fraudster would send out fake invoices and letters from e-mail accounts designed to look exactly like those of an Asian company that did regular multi-million dollar transactions with Google and Facebook. The invoices and letters appeared to be signed by executives and agents of the victimized companies and tricked over trusting employees into wiring funds to alternate and illegitimate accounts belonging to the perpetrator, Evaldas Rimasauskas.

The bulk of the funds have been recovered but if two companies with advanced cyber security can be duped like this, what about your own, smaller business.

image courtesy of Comodo

Obviously, training is the key in detecting dubious payment requests and employees need to know that they are an integral part of a company or business security system.

No comments:

Post a Comment