Sophisticated Bank Scam
On a recent call with our C12 IT Affinity group, one of the companies shared a client story that we just had to share with you!
At the client, the financial person’s account was compromised. The hacker was able to change the password to the bank, and the only Two-Factor (Multi-Factor) Authentication in place was to that same person’s email account. Over $700K was transferred! The hackers had also added an email rule that forwarded any incoming bank emails to a different email address.
If you find out that an email account has been compromised, check out the rules; this is a common ‘first step’ for the hackers. It could be a forward rule as in the case above; it could be a rule to delete all incoming mail that has the letter ‘X’ (this really happened); or similar.
Check out your Cyber Insurance rules—not all Cyber insurance covers wire transfers. —CMW