Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Criminals Make Off With USD $150,000 in Business Email Compromise Real Estate Scam

    Business-email-compromise-ceo-fraudScammers stole $150,000 from a woman during a real estate transaction last year, according to Lisa Vaas at Naked Security. Mireille Appert, a Swiss woman who lives in the United States, inherited her uncle’s house in Australia when he passed away in 2014.

    In 2018, Appert decided to sell the house and got in touch with an Australian law firm, KF Solicitors, on July 1st. On July 18th, she received an email that read, “The sellers [sic] authority just needs to be emailed back to us and not posted.” She emailed her bank details to the company in a PDF.

    Over the next month, Appert and her son worked with KF Solicitors to have the money transferred to Appert’s account. However, the money kept bouncing back. On August 10th, Appert received an email supposedly confirming the wire transfer with the wrong bank account number.

    KF Solicitors said they never sent this confirmation, and that they had already transferred the money to an account owned by a company called Kristal Contractors LLC. Appert contacted US law enforcement on August 11th, and on August 14th, Appert’s bank confirmed that the attackers had stolen her money on August 6th. KF Solicitors tried to freeze the transfer, but it was too late.

    “There aren’t a lot of details about this case beyond what Appert relates,” writes Vaas. “But more than anything, it sounds like business email compromise (BEC, also known as CEO Fraud): a crime that’s a bit like phishing but without the fake website. Fraudsters contact employees, generally at small companies, often through spoofed email addresses but also by phone, and then impersonate trustworthy business contacts, be they suppliers or customers. In this case, the ‘corporate account’ with Kristal Contractors LLC was likely the purportedly trustworthy business party.”

    BEC scams are increasingly popular among criminals, and organizations need to ensure that they’ve implemented proper authentication protocols for money transfers. New-school security awareness training can also help employees be on the lookout for this type of behavior and prevent social engineering tricks.

    Naked Security has the story: https://nakedsecurity.sophos.com/2019/01/17/email-crooks-swindle-woman-out-of-150k-from-home-sale/

    CEO-Fraud-Pages.jpg

    Get Your CEO Fraud Prevention Manual

    CEO fraud has ruined the careers of many executives and loyal employees. Don’t be next victim. This manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.

    Click Here To Download The Manual

    PS: Don't like to click on redirected buttons? Copy and paste this link in your browser:

    https://info.knowbe4.com/ceo-fraud-prevention-manual

     

     

    Return To KnowBe4 Security Blog

    Topics: Social Engineering, CEO Fraud

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews