Por Wagas em 28/01/2018 no site HackRead
Another day, another phishing scam – This time Harris County, Texas wired almost $900,000 after falling for a phishing email.
In normal circumstances, cybercriminals take advantage of the lack of knowledge of their victims but in this phishing attack, they have touched new lows by making a profit out of the devastation caused by hurricane Harvey.
Transfer $888,000 “She” Said
It all started on September 21st, 2017 when an estimated 30 percent of Harris County, Texas was submerged due to hurricane Harvey. The auditor’s office of the county received an email from a woman going by the supposed name of Fiona Chambers in which she posed as an accountant for D&W Contractors, Inc.
D&W Contractors, Inc. is a legitimate company that happened to be working that day to fix the damage caused by the hurricane in the county. In the email, Chambers asked the office to transfer a sum of $888,000 to the new bank account of the Contractors as part of its contract.
“If we can get the form and voided check back to you today would it be updated in time for our payment?” according to the email content mentioned by Houston Chronicle.
In return, the county transferred $888,000 to the bank account provided by Chambers without verifying if the bank account actually belonged to D&W Contractors, Inc. or not. The very next day, it turned out that the county has fallen for a tricky phishing scam and that there was no one by the name of Fiona Chambers in the company neither was there a bank account belonging to the contractors.
Now, the incident is being investigated by the FBI (Federal Bureau of Investigation) and their prime suspect is a group that is known for targeting local governments worldwide. On the other hand, the county has learned its lesson and vows to increase its cybersecurity and overhaul and learn from how it handled the situation.
“We live in a rapidly changing world of technology that you can’t just sit pat and expect that the bad guys aren’t going to come after you. I think we need to look at all of our systems to be sure that somebody can’t get in and steal taxpayer money” said Harris County Judge Ed Emmett said.
Previous Scam Link Back To China
In June last year, a similar incident took place in which a state Supreme Court judge Lori Sattler, who was in the process of selling her apartment to buy another one received an email she believed came from a legitimate real estate lawyer.
In the email, the supposed lawyer asked her to transfer $1 million to a bank account. Following the instruction, she transferred a sum of $1,057,500 to the bank account, however, the money was sent to a bank in China, reportedly Commerce Bank of China rather than the lawyer.
It is unclear if both cases are related but what is similar in both cases is that attackers know the exact situation of their victims along with their business dealings. Nevertheless, phishing scams are becoming sophisticated and unsuspecting users need to remain vigilant, avoid downloading attachments from unknown emails and always confirm the authenticity of the email before giving away your personal information or wiring funds.
Here are some useful tips to secure yourself from phishing attacks.
Nenhum comentário:
Postar um comentário