Queensland Company Nearly Defrauded Over $100k

I received a very surprising email from one of my Brisbane based customers when I was on holiday at the end of April.  They asked me to investigate the email thread that they had included in the email they sent me. 

In the email thread, there were 2 or 3 replies from the CFO to the MD as the initial request from the MD had asked the CFO in the email to make a “wire transfer” which prompted some suspicion over the request because of the language used.  When the CFO replied and asked more specific questions the reply came back within minutes and everything seemed legitimate but the CFO wasn’t 100% convinced, they knew the MD was in meetings all day in Sydney but sent them a text to call when they could.  When the MD called the CFO, the CFO discovered that the MD hadn’t written the emails and had no knowledge of them.  That’s when we came in.

We discovered that the emails had originated from a legitimate domain that was slightly different from the actual company, so instead of for example sewing.com.au  it was sewinq.com.  The name of the sender was the same as the MD, so it looked like the actual person was sending the email, particularly when the emails were being viewed on a mobile device.  Someone had gone to a lot of trouble to set up this domain and email accounts that were the same as the company's.  The attachment which was a wire transfer document had the address of an ASIC registered business and legitimate bank details.  We told our customer to contact the police as they would need to investigate.

Our customer is very diligent, we have helped them implement anti-spam, anti-virus, anti-malware as well as a firewall.  They have password policies and various other IT related policies.  They are a mid-sized company with approximately 200 employees and the wire transfer request was for $106,000.  Despite all of these in place, it was only the diligence of the CFO that prevented them losing a considerable amount of money through fraud. 

We’ve since performed a review with this customer and worked together to strengthen their cyber security.  Some of the most important recommendations we made were –

  1. Raising awareness of cyber security with staff and providing on-line training and testing
  2. Reviewing company policies around technology to ensure that good practice is continued to be followed and setting guidelines around the use of technology. 
  3. Implementing a mobile device management solution that will help protect the company mobile fleet of smart phones and tablets.
  4. Implementing a web protection filter that will help protect the company from malware attacks.

Technology alone will not protect your business from cyber-attack.  It is absolutely critical that your business has multiple layers of security to help prevent the threats from reaching their target but it is equally as critical to ensure your staff are cyber threat aware as they are increasingly becoming your cyber security guards.

About the Author

Geoff Stewart is a highly experienced and skilled Technology Director at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

Surety IT can help you create the right system to enhance your business, ensuring you know how it is right for you and how to use it. We will tailor a solution to suit your needs with leading systems, local support and more, building your vision for a more flexible and capable business.

Call us today on 1300 4 787 389 or email info@suretyit.com.au to discuss your requirements.