Company Lost $44m Through One Email Fraud

Uploaded on 2016-09-26 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

One of the world’s leading wire and cable manufacturers, Leoni AG, has been swindled out of a jaw-dropping 40 million Euros (approximately US $44 million) after it was targeted by an email scammer.

A young woman working in the finance department of Leoni’s factory in Bistrita, Romania, received an email in mid-August claiming to have come from the company’s senior German executives.

Using inside information to appear more convincing, the email was able to trick the recipient into believing it was a genuine request for a staggering 40 million Euros to be transferred out of the company’s bank account. Unconfirmed reports claim that the stolen money was switched into bank accounts in the Czech Republic.

The revelation of how the fraud was perpetrated comes after a two-week investigation by Leoni and Romania’s DIICOT (Directorate for Investigating Organized Crime and Terrorism) law enforcement agency.

In June 2016, the FBI reported that companies had been stung to the tune of US $3 billion as a result of business email compromise attacks and that there had been a 1300% increase in identified losses since January 2015.

As long as attackers continue to spirit away large sums of money from companies, the business email compromise attacks are going to intensify. All organizations need to educate their staff about the threats and put measures in place to reduce the chances of them becoming the next victim of a whaling attack.

Tripwire

 

« Managing Cyber Risk
Delete/Never-Use Google Allo: Says Snowden »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Risk Policies

Cyber Risk Policies

CyberRiskPolicy.com is a joint venture between the Poindexter Surety Group of companies and Gibbs Cyber Security.

Hyve

Hyve

Hyve provide a wide range of managed web hosting services including private, hybrid and public VMware cloud hosting.

Digital Guardian

Digital Guardian

Digital Guardian is a next generation data protection platform designed to stop data theft.

Real Random

Real Random

Real Random is on a mission to enhance existing and new crypto-systems with its revolutionary solution to generating numbers that are Truly Random.

Aiuken Cybersecurity

Aiuken Cybersecurity

Aiuken is an international IT Security company, focused on communications and IT technologies, specialised in Security and Cloud Services solutions with high added value.

Naukrigulf

Naukrigulf

Naukrigulf.com is one of the fastest growing job sites in the Gulf, with thousands of registered job seekers and a robust CV database across many sectors, including cybersecurity.

RapidScale

RapidScale

RapidScale’s managed cloud solutions provide reliable, innovative, and secure services, all complete with white-glove service and full management options.

Senserva

Senserva

Senserva delivers a deep analysis for security user accounts and applications within the Microsoft cloud environment.

Skudo

Skudo

Skudo is dedicated to creating innovative best-in-class solutions that protect data exchange with the highest level of security and privacy.

Swiss Cyber Institute (SCI)

Swiss Cyber Institute (SCI)

The Swiss Cyber Institute is a registered cyber security education provider by the State Secretariat for Education, Research, and Innovation SERI.

1Touch.io

1Touch.io

1touch.io Inventa is an AI-based, sustainable data discovery and classification platform that provides automated, near real-time discovery, mapping, and cataloging of all sensitive data.

Sealing Technologies (SealingTech)

Sealing Technologies (SealingTech)

SealingTech is a leader in cutting edge research, products, engineering, and integration services in the Internet of Things, Edge, Machine Learning, Artificial Intelligence, and Cloud.

AnzenSage

AnzenSage

AnzenSage is a cybersecurity advisory consultancy specializing in security risk resilience for the food sector: agriculture, food manufacturing, food supply chain, vineyards, and wineries.

Access Venture Partners

Access Venture Partners

Access Venture Partners are an early stage VC firm investing in bold founders and helping every step of the way. Areas we give special focus to include cybersecurity.

Port443

Port443

Port443 specialises in providing Security Orchestration, Automation and Remediation (SOAR) "as a service".

Amplifier Security

Amplifier Security

Amplifier Security are on a mission to empower security teams to modernize their practice by connecting the dots between their security stack and their people.