How Wedgwood was targeted and how our processes prevented a $35,000 scam….
Anyone who thinks Cyber Risk is only for large companies is mistaken. While complex cyber attacks on large corporations get all the news, it’s the smaller, well organized scams targeting small and medium size businesses that are doing the damage. It’s going on every day, businesses are being scammed, and nobody is talking about it.
On December 12th, 2014 a very authentic looking email was received at our office, that appeared to be an internal email, requesting our administration department to wire transfer $35,000. A word document was attached with instructions.
The tone of the email was very authentic. Note that the domain on the “From email’ has been changed to .co from .com. - everywhere else in the message, the wedgwoodinsurance.com domain remains unchanged. Unless you read the email VERY carefully, it would be very easy for this to go unnoticed.
Wedgwood has a verification policy before any wire transfers are authorized, so we were able to prevent the bank from executing any instructions.
We had an investigation into this email, and advised the police - this was a very sophisticated fraud attempt.
- The original email was initiated from a South African IP address.
- The Point of Contact for the IP registrant was in the Mauritius
- It was routed through a Canadian service in Western Canada.
- The wedgwoodinsurance.co domain was registered in Hamilton, Bermuda.
The information to create the fraudulent email was likely gathered on the internet and our own website. This was not created by some school kids for a lark; this was a coordinated, highly organized fraud.
At Wedgwood, we’ve put resources into cyber awareness, training, mitigation and prevention. We were ALMOST fooled. How many companies have been victims of a cyber attack like this and would publicly admit it?
This is what Cyber Risk looks like - it’s not just hackers trying to plant viruses, steal information or get through firewalls. It’s also the coordinated gathering of information from various sources to enable criminals to be able to use electronic or other means to steal Personal Information or money.
BASIC STEPS TO PREVENT CYBER CRIME
- Don’t rely on your IT team – it’s not their only job
- Train your team on how to detect/prevent scams, phishing emails etc;
- Get outside oversight on your network and it’s vulnerabilities
- Put policies/procedures in around technology usage and security