A woman is being sued for sending approx. 250K of her employer's cash to an online fraudster. Patricia Reilly, who was working for the UK Peebles Media Group, fell for a CEO Fraud Scam where the criminals sent her emails pretending to be Mrs Reilly's boss.
The lawsuit alleges that Mrs Reilly ignored a warning from bankers about con artists tricking employees into making payments to companies. Mrs Reilly was giving evidence on the third day of proceedings at the highest civil court in Edinburgh, after the case wound its way through lower courts.
Mrs Reilly handed over a total of £193,250 of the company's money to fraudsters and the issue came to light a few days later when a colleague logged onto the firm's online bank account and noticed a fraud warning. She told the court: "I was also told that to say I wasn't flavour of the month was a major understatement."
They have described her actions as "careless and in breach of the duties - including the duty to exercise reasonable care in the course of the performance of her duties as an employee which she owed to her employer, the pursuer."
Peebles also claims that if Mrs Reilly had performed her duties properly, Mrs Bremner would not have suffered "the loss, injury and damage". The firm has claimed that she should have realized the emails were suspicious.
She did not receive any training on how to spot online fraud
However, Mrs Reilly's legal team have said that she did not receive any training on how to spot online fraud and have called for the case to be dismissed. The hearing continues. Story at bbc.com
Wow. Another very excellent reason to step employees through new-school security awareness training.
Free Phishing Security Test
Would your employees fall for a CEO Fraud attack like this? Take the first step now and find out your organization's Phish-prone™ percentage. Here's how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Customize the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organization compares to others in your industry
The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.