+- MacResource (https://forums.macresource.com)
+-- Forum: My Category (https://forums.macresource.com/forumdisplay.php?fid=1)
+--- Forum: Tips and Deals (https://forums.macresource.com/forumdisplay.php?fid=3)
+--- Thread: This CFO fell for phishing scam (/showthread.php?tid=195289)
This CFO fell for phishing scam - space-time - 09-23-2016
Cable giants Leoni AG lose €40m after CFO transfers funds to hacker's bank account
http://www.ibtimes.co.uk/cable-giants-leoni-ag-lose-40m-after-cfo-transfers-funds-hackers-bank-account-1579335
Re: This CFO fell for phishing scam - cbelt3 - 09-23-2016
It's called "Spear Phishing". And it happens everywhere.
We had a senior director get caught in a spear phishing attack. In responding to an 'invoice', he load ransomware, which then attacked our main file share systems before internal alarms went off and our security group shut everything down and restored from backup.
The attacker knew a LOT about our company... internal processes, document formats, people's names, etc. A lot of research went into the attack. That's what makes it so frightening.
Re: This CFO fell for phishing scam - testcase - 09-23-2016
Four offices and, only the office in Romania is authorized to transfer money out of the company. Sounds phishy.
Re: This CFO fell for phishing scam - max - 09-23-2016
testcase wrote:That is incorrect, only the factory office in Romania, out of the four in that country, is authorized to transfer money for the four of the manufacturing operations.....
Four offices and, only the office in Romania is authorized to transfer money out of the company. Sounds phishy.
Re: This CFO fell for phishing scam - NewtonMP2100 - 09-23-2016
....might be because.....PHISH gotta' swim....birds gotta' fly........???
Re: This CFO fell for phishing scam - fauch - 09-26-2016
Do major cooperate CEOs really just "email" their subordinates and tell them to wire 40 million bucks into someone else's account?
Can and will the average CFO then just "do that" without any oversight or verification?
If that is the case, I'm shocked this sort of thing doesn't happen all the time. It's not that hard to forge an email...