Last month, international corporation Leoni AG admitted something that no company ever wants to: they were fleeced out of $44 million. The cause of this massive mistake is a familiar one: business email compromise or “CEO fraud,” by which hackers use sophisticated social engineering strategies to entice employees to transfer funds for supposedly legitimate means.
How do these cybercriminals get away with such a bold move? Via email spoofing — hackers imitate domain names (think thiisisyourcompanyname.com instead of thisisyourcompanyname.com), then comb social media, LinkedIn, and company directories to discern more detailed information about that company’s employees.
In Leoni’s case, a CFO at a factory in Bistrita, Romania, received a legitimate-looking message from what looked like a high-level executive at company headquarters in Germany. The hackers accumulated extensive intelligence on Leoni’s internal protocol for initiating and OK’ing wire transfers, probably gleaned through months of spying on Leoni’s emails and breaking down its hierarchical decision-making process.
The hackers even knew that, of Leoni’s four facilities in Romania, only the site in Bistrita was approved to transfer money. Some reports say they may have even identified common days and times when the specific high-level executive whose email was spoofed would send financial transfer requests to the CFO in question, striving to have their fraudulent request look as real as possible.
Could such an attack have been prevented?
Although it was far more sophisticated than the 17,000 or so other successful social engineering scams the FBI has identified, the Leoni hack could have been avoided. CMIT Solution’s comprehensive network security includes cyber-threat awareness training for employees and ongoing re-education for executives. The good news? The five most common strategies we recommend are relatively easy to implement:
1. Analyze the domain and account names, subject lines, and email text that accompanies any financial request.
2. Safeguard against spyware and malware by NEVER clicking on ANY unrecognizable link in an email.
3. Prevent ransomware infection by NEVER opening ANY attachment from a sender you aren’t expecting something from.
4. Use enterprise-grade secure email hosting instead of free web-based services.
5. Flag suspicious messages as spam or junk to help firewalls and content filters do a better job of identifying spoofed emails.
Why is all of this so important?
Because business email compromise is on the rise —the FBI estimates that more than $2.3 billion has been inadvertently handed over to hackers, just since 2014. Leoni may have admitted to their multi-million-dollar mistake, calling more attention to the issue and hopefully resulting in stronger action from the industry. But the fact of the matter remains that they have little recourse to recover that lost $44 million.
To prevent your company from suffering a similar fate, contact CMIT Solutions. We offer comprehensive, layered solutions that stay up-to-date with the changing cybersecurity landscape. And our elite-level email hosting services work overtime to confront the threat posed by email compromise and spoofing.
Want to know more about how to keep your data and your employees safe? Contact us today. We worry about IT so you don’t have to.