Earlier in August, one of the world's largest cable manufacturers Leoni AG publicly confessed that it had fallen victim to a classic CEO Fraud attack that has cost the company a whopping 44 million dollars. Following two weeks of intensive investigations, new details surfaced and the thieves turned out to have used sophisticated social engineering tactics combined with email spoofing.
The attackers crafted emails to appear like legitimate payment requests from the head office in Germany and sent them to a subsidiary of Leoni in Bistrita, Romania.
CEO Fraud targeted Leoni's Romanian headquarters
According to authorities, a young woman working as CFO at Leoni's Bistrita factory was the target of the scam, when she received an email spoofed to look like it came from one of the company's top German executives. She then proceeded paying out $44 million in the process.
Bad guys penetrated Leoni months in advance
Leoni is not the first company to fall for CEO Fraud, we have been talking about a lot of these incidents the last year. For instance, toy manufacturer Mattel came close to losing $3 million in an attack like this.
Back in April, the FBI released a report claiming that more than 17,000 people across the globe have been tricked into similar scams over the last 2 years. This amounts to more than $2.3 billion lost in fraud incidents.
Get your Free Domain Spoof Test
Can hackers spoof an email address of your own domain and get away with millions??
Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.
Would you like to know if hackers can spoof your domain? KnowBe4 can help you find out if this is the case with our free Domain Spoof Test. It's quick, easy and often a shocking discovery. Find out now if your email server is configured correctly, our tests over the last 2 years show that 82% of servers fail to handle spoofed emails correctly.
PS, don't like to click on redirected buttons? Cut & paste this link in your browser: