Phishing Attack On Office 365 Account Leads To 3 Million CEO Fraud



A phishing attack on an Office 365 account enabled a 3 million CEO fraud scam at an investment firm, Finnish antivirus company F-Secure reported on their blog. One of the employees at the victim's office received a phishing email that looked like it was from DHL and led to a fake site.

The employee entered their credentials on the fake site and became a social engineering victim. There was no 2-Factor Authentication enabled on the account. Unfortunately, this employee also used the same email account to send payment data for a transaction.

The cyber criminals were monitoring the employee's email and resent some critical emails, but with a "correction" to a new account number. In an attached Excel file they had changed the account number to which 3 million Euro were supposed to be sent, and the payment was sent there.

However, the language in the Excel attachment was so badly translated that red flags went up, although much too late. The investment firm was able to freeze the transaction at the very last moment, and found out that the employee account had been compromised. F-Secure commented that the bad guys almost got away with this one.


Get Your CEO Fraud Prevention Manual

CEO fraud has ruined the careers of many executives and loyal employees, causing over $26 billion in losses. Don’t be the next victim. This manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.

Get Your Manual

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/ceo-fraud-prevention-manual
