The dollar value involved is mind boggling 47M?
It is time to
- Check and ensure "Anti-Spoofing" features in the Email Gateways work and also verify their level of success and failures.
- Implement Alternate (non-email) methods to validate the request
From the Article:
Cyber thieves recently stole $46.7 million using an increasingly common scam in which crooks spoof communications from executives at the victim firm in a bid to initiate unauthorized international wire transfers.
In February, con artists made off with $17.2 million from one of Omaha, Nebraska’s oldest companies — The Scoular Co., an employee-owned commodities trader.
In March 2015, I posted the story Spoofing the Boss Turns Thieves a Tidy Profit, which recounted the nightmarish experience of an Ohio manufacturing firm that came within a whisker of losing $315,000 after an employee received an email she thought was from her boss asking her to wire the money to China to pay for some raw materials.
The FBI’s advisory on these scams urges businesses to adopt two-step or two-factor authentication for email, where available, and/or to establish other communication channels — such as telephone calls — to verify significant transactions
For More Info:
No comments:
Post a Comment